What the vulnerability does
01Description
Due to improper input filtering in the sequalize js library, can malicious queries lead to sensitive information disclosure.
CVE-2023-22580
MEDIUM
CVE-2023-22580: Sequalize - Bad query filtering leading to SQL errors
CVSS base score
5.3/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Key dates
02Disclosure timeline
February 16, 2023
CVE published
April 1, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-47855
CVE-2025-13653 Unauthorized access to documents in data streams with specially crafted requests
CVE-2024-30381 Paragon Active Assurance: probe_serviced exposes internal objects to local users
CVE-2025-59188 Microsoft Failover Cluster Information Disclosure Vulnerability
CVE-2026-32951 Discourse: Authorization bypass in oneboxer via user-controlled category id
