CVE-2022-2422

Summary

Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used.

Affected Software

VendorProductVersion RangeStatus
Feather jsFeathers-Sequalize6.x < 6.3.4affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References