DerScanner
Home / Vulnerability Database / PL or SQL : Schema unspecified
PL/SQL

PL or SQL : Schema unspecified

Classification

CWE
CWE-269

Overview

The expression does not define the schema, which can be insecure if the procedure is invoked with the current user’s privileges. If the schema is not specified, the query is resolved using the current schema of the user.

References

  1. CWE-269: Improper Privilege Management
  2. Schema Objects - docs.oracle.com
LOW

DerScanner Severity Score

Do you want to fix PL or SQL : Schema unspecified in your application?

See also

PL/SQL

PL or SQL : Open redirect

PL/SQL

PL or SQL : Cross-site scripting (XSS)

PL/SQL

PL or SQL : Weak hashing algorithm