SQL Injection via Full-Text Autocomplete Search

CVE-2023-26443 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Full-text autocomplete search allows user-provided SQL syntax to be injected into SQL statements. With the existing sanitization in place, this can be abused to trigger benign SQL exceptions, but it could potentially be escalated to a malicious SQL injection vulnerability. We now properly encode single quotes for SQL FULLTEXT queries. No publicly available exploits are known.
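To make the difference between the vulnerable and the fixed pattern concrete, the following is an added example (not code from the affected product or from this advisory). It uses an in-memory SQLite FTS5 table as a stand-in for a FULLTEXT index; the `contacts` table, the sample names and the function names are constructed for the demonstration.

```python
import sqlite3

# Constructed sample data for the demonstration (not from the advisory).
CONTACTS = ["Ann Lee", "Anders Berg", "O'Brien", "Zoe Ng"]


def build_db() -> sqlite3.Connection:
    """In-memory FTS5 table standing in for a product's FULLTEXT index."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE VIRTUAL TABLE contacts USING fts5(name)")
    conn.executemany("INSERT INTO contacts(name) VALUES (?)",
                     [(c,) for c in CONTACTS])
    return conn


def search_unsafe(conn: sqlite3.Connection, prefix: str) -> list:
    """Vulnerable pattern: the typed prefix is spliced into the SQL text.
    A single quote in the input ends the string literal early, so at best
    the statement fails with a syntax error (the benign exception the
    advisory describes) and at worst the remainder is parsed as SQL."""
    sql = f"SELECT name FROM contacts WHERE contacts MATCH '{prefix}*' ORDER BY name"
    return [row[0] for row in conn.execute(sql)]


def fts5_phrase_prefix(prefix: str) -> str:
    """Encode arbitrary text as a literal FTS5 prefix phrase: wrap it in
    double quotes and double any embedded double quote, so quotes, operators
    and parentheses in the input are matched as text, not parsed."""
    return '"' + prefix.replace('"', '""') + '" *'


def search_safe(conn: sqlite3.Connection, prefix: str) -> list:
    """Hardened form: the SQL text is constant and the prefix is a bound
    parameter, so it can never alter the statement. The FTS5 encoding is a
    separate step that keeps the full-text engine's own query syntax intact."""
    sql = "SELECT name FROM contacts WHERE contacts MATCH ? ORDER BY name"
    return [row[0] for row in conn.execute(sql, (fts5_phrase_prefix(prefix),))]


def unsafe_search_error(conn: sqlite3.Connection, prefix: str):
    """Return the exception class name the unsafe query raises, or None."""
    try:
        search_unsafe(conn, prefix)
    except sqlite3.Error as exc:
        return type(exc).__name__
    return None
```

Note that parameter binding alone removes the SQL injection; the separate quoting step is still needed because the full-text engine parses its own mini-language inside the bound string.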
