SQL Injection Vulnerability in Pixie Versions 1.0.x and 2.0.x

SQL Injection Vulnerability in Pixie Versions 1.0.x and 2.0.x

CVE-2019-10766 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Pixie versions 1.0.x before 1.0.3, and 2.0.x before 2.0.2 allow SQL Injection in the limit() function due to improper sanitization.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.