[Docs] IBM DB2 sample should use parameterized query #10283

Open
pergardebrink opened this issue Aug 4, 2023 · 0 comments

Description

The sample in the Auth0 docs for IBM DB2 is not using a parameterized SQL Query. If anyone uses this snippet of code, they would be vulnerable to SQL Injection.

https://auth0.com/docs/authenticate/database-connections/db2-script
https://github.com/auth0/docs/blob/master/articles/connections/database/db2-script.md?plain=1

The sample should instead use a parameterized query: https://github.com/ibmdb/node-ibm_db/blob/master/APIDocumentation.md#-3-querysqlquery--bindingparameters-callback

pergardebrink changed the title from "IBM DB2 sample should use parameterized query" to "[Docs] IBM DB2 sample should use parameterized query" on Aug 4, 2023
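
The difference the issue describes, as an added example that is not code from the Auth0 docs, the issue author or ibm_db: a recording stand-in connection shows what reaches the driver when an email is concatenated into the SQL text versus passed as a binding parameter. The `USERS` table, its columns, the helper names and the stand-in connection are assumptions; only the `query(sqlQuery, bindingParameters, callback)` call shape is taken from the ibm_db documentation linked above.

```javascript
'use strict';
// Added example. USERS/EMAIL/PASSWORD, the helper names and the recording
// connection are constructed; only the query(sql, params, cb) shape is ibm_db's.

// Stand-in for an ibm_db connection: records what the driver would be handed.
function makeRecordingConn(rows) {
  const calls = [];
  return {
    calls,
    query(sql, params, cb) {
      if (typeof params === 'function') { cb = params; params = []; }
      calls.push({ sql, params });
      cb(null, rows);
    },
  };
}

// Pattern the issue warns about: the email becomes part of the SQL text.
function findUserConcatenated(conn, email, cb) {
  conn.query("SELECT ID, EMAIL, PASSWORD FROM USERS WHERE EMAIL = '" + email + "'", cb);
}

// Parameterized form: constant SQL text, the email travels as a bound value.
const FIND_USER_SQL = 'SELECT ID, EMAIL, PASSWORD FROM USERS WHERE EMAIL = ?';
function findUserParameterized(conn, email, cb) {
  if (typeof email !== 'string' || email.length === 0 || email.length > 254) {
    return cb(new Error('invalid email'));
  }
  conn.query(FIND_USER_SQL, [email], cb);
}

// Run one lookup and return the single { sql, params } the connection received.
function capture(finder, email) {
  const conn = makeRecordingConn([]);
  let error = null;
  finder(conn, email, (err) => { error = err; });
  return { error, call: conn.calls[0] || null };
}

// Constructed input: a legitimate address that contains a quote character.
const SAMPLE_EMAIL = "o'brien@example.com";
const countQuotes = (s) => (s.match(/'/g) || []).length;

const concatenated = capture(findUserConcatenated, SAMPLE_EMAIL);
const parameterized = capture(findUserParameterized, SAMPLE_EMAIL);
console.log('concatenated :', concatenated.call.sql);
console.log('parameterized:', parameterized.call.sql, parameterized.call.params);
console.log('quote count in concatenated SQL:', countQuotes(concatenated.call.sql));
```

The odd quote count in the concatenated statement shows that ordinary input already changes the statement's structure, while the parameterized statement text is identical for every input.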