TypeScript MarsDB NoSQL Injection

Description

This detector identifies NoSQL injection vulnerabilities in TypeScript applications using the MarsDB library. It detects when user-controlled input is passed to MarsDB query operations without proper sanitization, which can allow attackers to manipulate database queries and potentially access or modify unauthorized data.

Weakness:

106 - NoSQL injection

Category: Unexpected Injection

Detection Strategy

    The code imports or uses the MarsDB library (typically imported as 'marsdb')

    MarsDB query methods are called with parameters that contain unsanitized user input

    User input flows directly into MarsDB collection operations like find(), update(), remove(), or insert() without validation or parameterization

    The detector checks for dangerous patterns where external data sources (HTTP requests, user inputs, etc.) are directly concatenated or inserted into MarsDB query objects

Vulnerable code example

import { type Request, type Response } from 'express'
const MarsDB = require('marsdb')

const users = new MarsDB.Collection('users')

export function vulnerableEndpoint(req: Request, res: Response) {
  // Vulnerable: the request body is used as the MarsDB selector as-is, so a
  // body such as { "username": { "$ne": null } } changes the query's meaning
  users.findOne(req.body.query).then((user: unknown) => res.json(user))
}

✅ Secure code example

import { type Request, type Response } from 'express'
const MarsDB = require('marsdb')

const users = new MarsDB.Collection('users')

export function secureEndpoint(req: Request, res: Response) {
  // Safe: validate and sanitize user input before querying
  const allowedFields = ['username', 'email', 'status']
  const query: Record<string, string> = {}
  for (const field of allowedFields) {
    const value = req.body[field]
    // Copy only whitelisted fields, and only string values, so an object
    // carrying query operators can never reach the selector
    if (typeof value === 'string') query[field] = value
  }
  users.findOne(query).then((user: unknown) => res.json(user))
}
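The following is an added example, not code from this detector page or from the MarsDB project. It carries the whitelist idea of the secure example through as reusable functions: buildSafeQuery, hasOperatorKeys and the two sample request bodies are names and values constructed here, and MarsDB itself is not loaded; only the selector that would be handed to findOne() is built and checked.

```typescript
// Added example (not from the detector page or MarsDB): build a MarsDB-style
// selector from an untrusted body without letting query operators through.

type Primitive = string | number | boolean
type SafeQuery = Record<string, Primitive>

// True if any key at any depth starts with '$' (e.g. $ne, $gt, $where).
// An injected selector such as { "$ne": null } depends on exactly such a key.
function hasOperatorKeys(value: unknown): boolean {
  if (Array.isArray(value)) return value.some(hasOperatorKeys)
  if (value !== null && typeof value === 'object') {
    return Object.entries(value as Record<string, unknown>).some(
      ([k, v]) => k.startsWith('$') || hasOperatorKeys(v),
    )
  }
  return false
}

// Copy only whitelisted fields, and only primitive values, into the selector.
// Returns null when the body is not a plain object, carries an operator key
// anywhere, or supplies a non-primitive for a whitelisted field, so the
// handler can answer 400 instead of running the query.
function buildSafeQuery(body: unknown, allowedFields: string[]): SafeQuery | null {
  if (body === null || typeof body !== 'object' || Array.isArray(body)) return null
  if (hasOperatorKeys(body)) return null
  const query: SafeQuery = {}
  for (const field of allowedFields) {
    const v = (body as Record<string, unknown>)[field]
    if (v === undefined) continue
    if (typeof v !== 'string' && typeof v !== 'number' && typeof v !== 'boolean') return null
    query[field] = v
  }
  return query
}

// Constructed request bodies (not captured traffic) for trying the builder.
const benignBody = { username: 'alice', role: 'admin' }            // role is not whitelisted, dropped
const injectedBody = { username: { $ne: null }, status: 'active' } // operator object, rejected

// Handler sketch (marsdb not loaded in this example):
//   const q = buildSafeQuery(req.body, ['username', 'email', 'status'])
//   if (q === null) return res.status(400).end()
//   users.findOne(q).then((user: unknown) => res.json(user))
```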