PR REVIEW: SQL Injection via Template Literals (#312) · Airbnb · Shopify · Junior · ~10 min
PULL REQUEST
Open#312 · 1 commit
SQL Injection via Template Literals
junior-dev-99 wants to merge feature/login-audit-logging into main
junior-dev-99 · 1 file changed · 1 hour ago
YOUR MISSION
Security scan flagged this PR. A junior dev added audit logging to the login route — but left a critical vulnerability untouched. Find it before it ships.
REVIEWING AS: Senior Engineer @ Airbnb · Backend Platform
src/routes/auth.js · +3 −1
4
4
router.post('/login', async (req, res) => {
5
5
const { email, password } = req.body;
6
6
7
+
console.log(`Login attempt for: ${email}`);
+
8
+
+
7
9
const result = await db.query(
8
`SELECT * FROM users WHERE email = '${email}'`
+
10
+
`SELECT * FROM users WHERE email = '${email}' AND active = true`
+
9
11
);
10
12
11
13
if (!result.rows[0]) {
12
14
return res.status(401).json({ error: 'Invalid credentials' });
13
15
}
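Review bot: The changed query line still builds the SQL by interpolating the request-controlled `email` into a template literal, so appending `AND active = true` leaves the injection in place: the single quote in `'${email}'` is closed by any quote character in the submitted value, and the attacker-controlled remainder is then parsed as SQL. Replace the string-built statement with a parameterised query so the driver sends the value separately from the statement text, e.g. (assuming a node-postgres-style `db.query(text, values)` signature, which the visible lines do not confirm) `db.query('SELECT * FROM users WHERE email = $1 AND active = true', [email])`; the `active = true` filter is a reasonable addition and survives this change. The new `console.log(\`Login attempt for: ${email}\`)` also writes the raw, unvalidated input to the log: newline or control characters in the submitted value can forge additional log entries, and an e-mail address is personal data, so route the audit entry through the project's structured logger with the value as a separate field rather than inline in the message, and consider logging a request id or hashed identifier if full addresses are not needed for the audit use case. Finally, the unchanged `if (!result.rows[0])` branch returns 401 without distinguishing "no such user" from "inactive user", which is the right behaviour (no account enumeration); keep it that way when the query is rewritten.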