🔒 [DevSync] [E2E Test] SQL Injection in user authentication - 18:32 #16
Description
Security Finding - DevSync RTO
RTO ID: 11b6badc-eea5-4092-8cb8-60d64c2368bb
Severity: HIGH
Status: created
Service: backend-api
Description
Vulnerability Details
A SQL injection vulnerability was detected in the user authentication module.
Location: backend/auth/login.py:45
Severity: High
CWE: CWE-89 (SQL Injection)
Attack Vector
User-supplied input is concatenated directly into SQL query without sanitization.
Proof of Concept
username = "admin' OR '1'='1"
query = f"SELECT * FROM users WHERE username = '{username}'"Remediation
Use parameterized queries or an ORM to prevent SQL injection.
Details
- Source: N/A
- Type: vulnerability
- File: N/A
Links
This issue was automatically created by DevSync