Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:34714
HistoryMar 16, 2022 - 8:25 a.m.

SQL Injection

2022-03-1608:25:15
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
24
sylius grid bundle
sql injection
database security
arbitrary queries

EPSS

0.002

Percentile

55.8%

sylius/grid-bundle is vulnerable to SQL Injection attacks. The library directly passes the values added at the end of query sorting to the database, allowing a malicious user to inject and execute arbitrary SQL queries on the system.

EPSS

0.002

Percentile

55.8%

Related for VERACODE:34714