#406 secured implementations for Union SQL Injection #452

Merged: 5 commits, Dec 18, 2023

@x7Git (Contributor) commented Nov 14, 2023

When using JPA with the CarInformation entity, the id must always be parsed to an integer. This leads to a NumberFormatException when querying the entity id field with an injection string. To ensure the implementations are safe, the SQL injection id should be replaced by a string field, e.g. name.
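
The reasoning in the comment above, as an added example that is not part of the pull request or the project's code: Python's `sqlite3` stands in for the JPA repository, and the tables, function names and test string are constructed for illustration. An integer-typed id rejects an injection-shaped string at parse time (the analogue of the NumberFormatException), so only a string field shows the difference between a concatenated and a bound query.

```python
import sqlite3

# Constructed UNION-style test string (not taken from the project).
PAYLOAD = "x' UNION SELECT id, login, pw_hash FROM accounts --"

def make_db():
    """Constructed sample data: a cars table and an unrelated accounts table."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE cars (id INTEGER PRIMARY KEY, name TEXT, image TEXT);
        CREATE TABLE accounts (id INTEGER PRIMARY KEY, login TEXT, pw_hash TEXT);
        INSERT INTO cars VALUES (1, 'alpha', 'alpha.png'), (2, 'beta', 'beta.png');
        INSERT INTO accounts VALUES (1, 'admin', 'constructed-hash');
    """)
    return db

def by_id_typed(db, raw_id):
    """Integer-typed lookup: a non-numeric string fails int() before any SQL runs."""
    sql = "SELECT id, name, image FROM cars WHERE id = ?"
    return db.execute(sql, (int(raw_id),)).fetchall()

def by_name_concat(db, name):
    """Vulnerable 'before': the input becomes part of the statement text."""
    sql = "SELECT id, name, image FROM cars WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()

def by_name_bound(db, name):
    """Hardened: the input is bound as a parameter and compared as a literal."""
    sql = "SELECT id, name, image FROM cars WHERE name = ?"
    return db.execute(sql, (name,)).fetchall()

def demo():
    """Run the same test string through all three lookups."""
    db = make_db()
    try:
        by_id_typed(db, PAYLOAD)
        typed = "query ran"
    except ValueError:
        typed = "rejected at parse"
    return (typed, by_name_concat(db, PAYLOAD),
            by_name_bound(db, PAYLOAD), by_name_bound(db, "alpha"))

if __name__ == "__main__":
    labels = ("typed id", "concat name", "bound name", "bound name (valid)")
    for label, result in zip(labels, demo()):
        print(f"{label:20} {result}")
```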

@preetkaran20 self-requested a review December 18, 2023 03:40

@preetkaran20 (Member) commented:

@x7Git Thanks a lot for the PR. Looks good to me. Merging it now.

@preetkaran20 merged commit 4986733 into SasanLabs:master Dec 18, 2023
1 check passed