Skip to content

Escaping query values #2

Open
Open
Escaping query values#2
@seungha-kim

Description

@seungha-kim
seungha-kim
opened on Jul 6, 2019

현재 template literal을 사용하고 있어서, SQL injection 공격에 노출되어 있음.

적절히 escape 해주어야 함

참고: https://www.npmjs.com/package/mysql#performing-queries

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions