#375 HIGH: SQL injection pattern in platform.py tenant deletion

closed high Created 2025-12-11 21:54 · Updated 2025-12-11 22:05

Description

platform.py:1083-1121 uses f-strings for table names in DELETE queries. Should use psycopg.sql.Identifier() for safe identifier quoting to prevent SQL injection.
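
The difference between the flagged pattern and identifier quoting, as an added example that is not code from platform.py: it uses the standard-library sqlite3 module as a stand-in so it runs without a PostgreSQL server, and the `documents` table, the function names and the hostile value are all assumptions constructed for illustration. The psycopg form of the hardened statement is shown in a comment.

```python
import sqlite3

def quote_ident(name: str) -> str:
    """Wrap an identifier in double quotes and double any embedded quote:
    the standard SQL identifier quoting that psycopg.sql.Identifier produces."""
    if not name or "\x00" in name:
        raise ValueError("invalid identifier")
    return '"' + name.replace('"', '""') + '"'

def build_delete_unsafe(table: str) -> str:
    # Flagged pattern: the table name is pasted into the statement text.
    return f"DELETE FROM {table} WHERE tenant_id = ?"

def build_delete_safe(table: str) -> str:
    # psycopg equivalent (its placeholder is %s instead of ?):
    #   sql.SQL("DELETE FROM {} WHERE tenant_id = %s").format(sql.Identifier(table))
    return f"DELETE FROM {quote_ident(table)} WHERE tenant_id = ?"

def make_db() -> sqlite3.Connection:
    # Constructed sample data: two rows for tenant 1, one row for tenant 2.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE documents (id INTEGER PRIMARY KEY, tenant_id INTEGER)")
    conn.executemany("INSERT INTO documents (tenant_id) VALUES (?)", [(1,), (1,), (2,)])
    return conn

def remaining(conn: sqlite3.Connection) -> int:
    return conn.execute("SELECT COUNT(*) FROM documents").fetchone()[0]

def delete_tenant(conn: sqlite3.Connection, table: str, tenant_id: int) -> int:
    """Run the hardened DELETE and return the number of rows removed."""
    return conn.execute(build_delete_safe(table), (tenant_id,)).rowcount

# Constructed hostile table name, not a value taken from the issue.
CRAFTED = "documents WHERE 1=1 --"

if __name__ == "__main__":
    print(build_delete_unsafe(CRAFTED))  # tenant filter ends up inside a comment
    print(build_delete_safe(CRAFTED))    # whole value stays one quoted identifier
    conn = make_db()
    print("tenant 1 rows removed:", delete_tenant(conn, "documents", 1))
    try:
        delete_tenant(conn, CRAFTED, 2)
    except sqlite3.OperationalError as exc:
        print("rejected:", exc, "| rows left:", remaining(conn))
```

Quoting stops the name from changing the structure of the statement; it does not restrict which table is named, so checking the name against a fixed list of tenant tables is still worthwhile.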
