SQL Injection Vulnerability
★★★★★
📁 django/django 🔢
jkl3456 Security ★★★★★
Difficulty
+200 XP reward
UserRepository.js.js | 9 lines
Original (Buggy) Read-only
1
2
3
4
5
6
7
8
9
function findUserByUsername(username) {
const query = `SELECT * FROM users WHERE username = '${username}'`;
return database.query(query);
}
function deleteUser(userId) {
const query = `DELETE FROM users WHERE id = ${userId}`;
return database.query(query);
}
Your Fix Editable
1
2
3
4
5
6
7
8
9
0 added
0 removed
0 changed
Click lines on the left to mark as buggy
Submit Your Fix
Lines marked: 0
Edit the code on the right panel above to fix the bugs. Changes are highlighted in real-time.
■ Removed ■ Changed ■ Added Click lines on the left to mark buggy lines