Hello, On Fri, 04 Apr 2025 18:54:21 +0000 Elad Kalif <elad...@apache.org> wrote:
> https://github.com/apache/airflow/pull/48098 If I read this code correctly, the only thing this PR changes is to reject inputs with an ";" character. I am not familiar with the codebase, and also by no means an expert in SQL injections. But I am pretty sure there are ways to exploit SQL injections that do not involve a ";" character. Can anyone familiar with the issue check that this is indeed a proper fix? -- Hanno Böck https://hboeck.de/
