App Broker Knowledge Base

cancel
Showing results for 
Search instead for 
Did you mean: 

App Broker Knowledge Base

MachineName Parameter can be used to Exploit a SQL Injection Vulnerability in App Broker

1 0 460
Symptoms: A SQL injection vulnerability in App Broker 2018R1 and earlier allows local users to execute arbitrary SQL commands via the MachineName parameter. Diagnosis: The machine name sent by the client is not validated, and can be used to deliv...
by Community Manager RDanailov Community Manager