Blind SQL Injection
solozly opened this issue
This script is possibly vulnerable to SQL Injection attacks.
An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information.
http://127.0.0.1:8081/user/list?query=1 vulnerability:'query'
Your script should filter metacharacters from user input.
Check detailed information for more information about fixing this vulnerability.
@solozly Thank you for the report. This issue is fixed at open-falcon/falcon-plus#733