CVE-2019-15658

Published August 26th, 2019

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

1

PROJECT

Description

connect-pg-simple before 6.0.1 allows SQL injection if tableName or schemaName is untrusted data.

voxpelli/node-connect-pg-simple

A simple, minimal PostgreSQL session store for Express

GitHub

248