[PR #234] [MERGED] patch SQL injection opportunities [LOW RISK] #3257

Closed
opened 2026-02-22 18:33:24 -05:00 by yindo · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/Mintplex-Labs/anything-llm/pull/234
Author: @timothycarambat
Created: 9/11/2023
Status: Merged
Merged: 9/11/2023
Merged by: @timothycarambat

Base: masterHead: workspace-sql-injection


📝 Commits (1)

  • 71b7bc6 patch SQL injection opportunities [LOW RISK]

📊 Changes

13 files changed (+69 additions, -41 deletions)

View changed files

📝 server/endpoints/admin.js (+11 -7)
📝 server/endpoints/api/admin/index.js (+6 -2)
📝 server/endpoints/api/workspace/index.js (+10 -7)
📝 server/endpoints/chat.js (+3 -2)
📝 server/endpoints/invite.js (+3 -2)
📝 server/endpoints/system.js (+2 -1)
📝 server/endpoints/workspaces.js (+15 -12)
📝 server/models/invite.js (+4 -2)
📝 server/models/user.js (+4 -2)
📝 server/models/workspace.js (+2 -1)
📝 server/package.json (+2 -1)
📝 server/utils/middleware/validApiKey.js (+2 -2)
📝 server/yarn.lock (+5 -0)

📄 Description

https://huntr.dev/bounties/70a2fb18-f030-4abb-9ddc-13f94107ac9d
https://huntr.dev/bounties/a3dda692-7e8a-44a9-bd96-24cfd3f721d2


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/Mintplex-Labs/anything-llm/pull/234 **Author:** [@timothycarambat](https://github.com/timothycarambat) **Created:** 9/11/2023 **Status:** ✅ Merged **Merged:** 9/11/2023 **Merged by:** [@timothycarambat](https://github.com/timothycarambat) **Base:** `master` ← **Head:** `workspace-sql-injection` --- ### 📝 Commits (1) - [`71b7bc6`](https://github.com/Mintplex-Labs/anything-llm/commit/71b7bc6dcd7a920900803ee0ebd49bb266402504) patch SQL injection opportunities [LOW RISK] ### 📊 Changes **13 files changed** (+69 additions, -41 deletions) <details> <summary>View changed files</summary> 📝 `server/endpoints/admin.js` (+11 -7) 📝 `server/endpoints/api/admin/index.js` (+6 -2) 📝 `server/endpoints/api/workspace/index.js` (+10 -7) 📝 `server/endpoints/chat.js` (+3 -2) 📝 `server/endpoints/invite.js` (+3 -2) 📝 `server/endpoints/system.js` (+2 -1) 📝 `server/endpoints/workspaces.js` (+15 -12) 📝 `server/models/invite.js` (+4 -2) 📝 `server/models/user.js` (+4 -2) 📝 `server/models/workspace.js` (+2 -1) 📝 `server/package.json` (+2 -1) 📝 `server/utils/middleware/validApiKey.js` (+2 -2) 📝 `server/yarn.lock` (+5 -0) </details> ### 📄 Description https://huntr.dev/bounties/70a2fb18-f030-4abb-9ddc-13f94107ac9d https://huntr.dev/bounties/a3dda692-7e8a-44a9-bd96-24cfd3f721d2 --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
yindo added the pull-request label 2026-02-22 18:33:24 -05:00
yindo closed this issue 2026-02-22 18:33:24 -05:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Mintplex-Labs/anything-llm#3257