1 results (0.015 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. • https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8 https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0 https://vuldb.com/?ctiid.217619 https://vuldb.com/?id.217619 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •