
JavaScript NoSQL Injection User Input

Description

Detects potential NoSQL injection vulnerabilities in JavaScript code where user-controlled input flows, through a ternary expression, into a database operation without validation. Because JSON body parsers deserialize nested objects, an attacker can send an object such as {"$ne": ""} where the application expects a string; a ternary that only checks for a missing value passes that object straight through, and once it reaches a query filter it is interpreted as a query operator. This can expose or modify records the request should not be able to reach.

Weakness:

106 - NoSQL injection

Category: Unexpected Injection

Detection Strategy

    Identifies JavaScript code that uses a ternary operator inside the argument of a database query operation

    Checks whether user-controllable input (for example a request body, query string or route parameter) is used inside the ternary expression without validation or sanitization

    Reports a vulnerability when unsanitized user input flows into a NoSQL database operation through such a ternary expression

    Traces the data flow from the user input source to the database query operation to confirm the two are connected
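
The ternary flow the strategy above describes, shown as an added example that is not code from the original page: a guest order lookup whose filter is built with the flagged pattern, beside a hardened version. The in-memory order list and the matcher are constructed stand-ins for a MongoDB-style driver so the block runs offline; they implement equality and the $ne operator only, which is enough to show why an object-valued field changes the meaning of the query.

```javascript
// Added example (not code from the original page): a lookup filter built with
// the ternary pattern the rule flags, beside a hardened version. The in-memory
// collection and matcher below are constructed stand-ins for a MongoDB-style
// driver so the block runs offline; they support equality and $ne only.

const orders = [ // constructed sample data
  { id: 'o-1', paymentId: 'pay_111', customerEmail: 'alice@example.com', total: 40 },
  { id: 'o-2', paymentId: 'pay_222', customerEmail: 'bob@example.com', total: 75 },
  { id: 'o-3', paymentId: 'pay_333', customerEmail: 'carol@example.com', total: 12 },
];

// Minimal stand-in for MongoDB filter semantics: a plain value means equality,
// an object means an operator document (only $ne is implemented here).
function matches(doc, filter) {
  return Object.entries(filter).every(([field, cond]) => {
    if (cond !== null && typeof cond === 'object') {
      return Object.entries(cond).every(([op, value]) => {
        if (op === '$ne') return doc[field] !== value;
        throw new Error(`stand-in matcher does not implement ${op}`);
      });
    }
    return doc[field] === cond;
  });
}

function find(collection, filter) {
  return collection.filter((doc) => matches(doc, filter));
}

// Vulnerable: the ternary only guards against a missing field. With a JSON body
// parser, body.paymentId may be an object such as { "$ne": "" }, which is truthy
// and is forwarded unchanged into the filter, where it acts as a query operator.
function buildGuestLookupVulnerable(body) {
  return {
    paymentId: body.paymentId ? body.paymentId : '',
    customerEmail: body.customerEmail ? body.customerEmail : '',
  };
}

// Hardened: insist that each field is a non-empty string before it reaches the
// filter. A string can never be interpreted as an operator document, so the
// resulting filter is always an exact-match lookup on both fields.
function requireString(value, name) {
  if (typeof value !== 'string' || value.length === 0) {
    throw new TypeError(`${name} must be a non-empty string`);
  }
  return value;
}

function buildGuestLookupSafe(body) {
  return {
    paymentId: requireString(body.paymentId, 'paymentId'),
    customerEmail: requireString(body.customerEmail, 'customerEmail'),
  };
}

// Runs a guest order lookup with the given filter builder and returns the
// matched orders, or null when the builder rejects the input before any query.
function lookupOrders(body, build) {
  try {
    return find(orders, build(body));
  } catch (err) {
    if (err instanceof TypeError) return null; // input rejected, nothing queried
    throw err;
  }
}
```

With a legitimate body ({ paymentId: 'pay_222', customerEmail: 'bob@example.com' }) both builders return only Bob's order. With the injected body ({ paymentId: { "$ne": "" }, customerEmail: { "$ne": "" } }) the vulnerable builder returns every order in the collection, because both conditions became "not equal to the empty string", while the hardened builder rejects the request before a query is issued. The type check is the important part: express-validator's isString() or an equivalent schema check achieves the same effect in a real handler.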

Vulnerable code example

const db = require('./database');

async function processOrder(req, res) {
  try {
    // Vulnerable: request body values are written straight into the database
    // operation without validation. With a JSON body parser these values can be
    // objects such as { "$ne": "" } rather than strings, and a later query on
    // the stored fields would treat them as query operators.
    await db.orders.insert({
      paymentId: req.body.orderDetails.paymentId,  // Unsafe: no type check or validation
      addressId: req.body.orderDetails.addressId,  // Unsafe: a missing orderDetails also throws a TypeError here
      // ... remaining fields elided on the original page
    });
    res.status(201).end();
  } catch (err) {
    res.status(500).json({ error: 'order processing failed' });
  }
}

✅ Secure code example

const db = require('./database');
const { body, validationResult } = require('express-validator'); // For input validation
const sanitizer = require('./utils/sanitizer');

// Validation middleware: each field must exist and be a string, so an object such as { "$ne": "" } is rejected
const validateOrder = [
  body('orderDetails.paymentId').exists().isString().trim(),
  body('orderDetails.addressId').exists().isString().trim(),
  // ... remaining rules elided on the original page
];

// express-validator only records errors; the handler must check them before touching the database
async function processOrder(req, res) {
  const errors = validationResult(req);
  if (!errors.isEmpty()) return res.status(400).json({ errors: errors.array() });
  // ... insert using the validated fields (elided on the original page)
}