Description
Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used.
Remediation
References
https://csirt.divd.nl/CVE-2022-2422
https://csirt.divd.nl/DIVD-2022-00020
Related Vulnerabilities
CVE-2021-23900 Vulnerability in maven package com.mikesamuel:json-sanitizer
CVE-2018-1000174 Vulnerability in maven package org.jenkins-ci.plugins:google-login
CVE-2022-24898 Vulnerability in maven package org.xwiki.commons:xwiki-commons-xml
CVE-2022-35954 Vulnerability in npm package @actions/core
CVE-2019-1003055 Vulnerability in maven package org.jvnet.hudson.plugins:ftppublisher