CVSS v3.x: 7.5 (High)
- >= 2.6.0
For some queries, specific variable values can modify the query rather than just the variable. This can occur if:
- the query’s data source uses different escaping than the Rails database OR
- the query has a variable inside a string literal
Since Blazer is designed to run arbitrary queries, the impact will typically be low. Users cannot run any queries they could not have already run. However, an attacker could get a user to run a query they would not have normally run. If the data source has write permissions, this could include modifying data in some cases.