Commit c2cffd3
Fix N1QL injection in nested Hash attribute updates
Parameterize Hash values in build_update_with_params using bind()
instead of direct string interpolation, which was both a security
vulnerability and defeated prepared-statement caching.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>1 parent 702c88c commit c2cffd3
1 file changed
Lines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
225 | 225 | | |
226 | 226 | | |
227 | 227 | | |
228 | | - | |
| 228 | + | |
229 | 229 | | |
230 | 230 | | |
231 | 231 | | |
| |||
0 commit comments