Security: SQL Injection in SQL Server "LIMIT" / &quot

Source: blog.laravel.com

Security: SQL Injection in SQL Server "LIMIT" / &quot

Category: Laravel, MySQL

Today we have released security patches via Laravel 6.20.26 and 8.40.0. These patches resolve a security vulnerability that allowed SQL injection when unfiltered user input was passed directly to the limit and offset methods of the Laravel query builder and the user was also using Microsoft SQL Server as their database. Other database drivers such as MySQL and Postgres do not appear to be affected by this problem at this time. All Laravel users are encouraged to update immediately, or, if you are unable to update to these versions, ensure that you are only passing integers to the limit and offset methods. This security vulnerability has been published as a GitHub security advisory: https://github.com/laravel/framework/security/advisories/GHSA-4mg9-vhxq-vm7j
Read Full Article On blog.laravel.com
Achieve superior email deliverability with ToastMail! Our AI-driven tool warms up inboxes, monitors reputation, and ensures emails reach their intended destination. Sign up today for a spam-free future.
Newsletter

Get the latest Laravel/PHP jobs, events and curated articles straight to your inbox, once a week

Fathom Analytics | Fast, simple and privacy-focused website analytics.

Fathom Analytics

Fathom Analytics | Fast, simple and privacy-focused website analytics.
Achieve superior email deliverability with ToastMail! Our AI-driven tool warms up inboxes, monitors reputation, and ensures emails reach their intended destination. Sign up today for a spam-free future.

ToastMail

Achieve superior email deliverability with ToastMail! Our AI-driven tool warms up inboxes, monitors reputation, and ensures emails reach their intended destination. Sign up today for a spam-free future.
Community Partners
Autonomous.ai | Best Standing Desks & Ergonomic Office Chairs

Digital Ocean

Koho

Become a Partner?
Laravel/PHP Careers
    • Add a Job?