Due to improper parameter filtering in the sequalize js library, can a attacker peform injection.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HSequelizejs Sequelize
APPSequelizejs7.0.0< 6.28.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2023-25813CRITICAL10.0ten sam produkt
Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replace...
CVE-2023-22578CRITICAL10.0ten sam produkt
Due to improper artibute filtering in the sequalize js library, can a attacker peform SQL injections.
CVE-2019-10749CRITICAL9.8ten sam produkt
sequelize before version 3.35.1 allows attackers to perform a SQL Injection due to the JSON path keys not bein...
CVE-2019-10748CRITICAL9.8ten sam produkt
Sequelize all versions prior to 3.35.1, 4.44.3, and 5.8.11 are vulnerable to SQL Injection due to JSON path ke...
CVE-2019-10752CRITICAL9.8ten sam produkt
Sequelize, all versions prior to version 4.44.3 and 5.15.1, is vulnerable to SQL Injection due to sequelize.js...