The high security vulnerability in the below code is Connection_String_Injection

The high security vulnerability in the below code is Connection_String_Injection.engine = create_engine(‘postgresql://’ + secret[‘u’] + ‘:’ + secret[‘p’] + ‘@’ + os.environ[‘DatabaseHost’] + ‘:’ + os.environ[‘DatabasePort’] + ‘:’ + os.environ[‘DatabaseName’] + ”, connect_args=ssl_args)There are 3 vulnerabilities in the above code:1. os.environ[‘DatabaseHost’]2. os.environ[‘DatabasePort’]3. os.environ[‘DatabaseName’]
Requirements: 50 words

Published
Categorized as Python

Leave a comment

Your email address will not be published. Required fields are marked *