Monika security issue (SQL injection) #178
Description
Hello,
The IT team of our university (also #165) informed us that there is a security issue with monika (SQL injection).
/monika/monika?job=-1%20OR%203*2*1=6%20AND%20000436=000436%20--%20
Hopefully, it's with the read-only user.
But still our server doesn't like it (postgresql process uses 100% CPU after that kind of request):
We are using the version 2.5.8~rc8-1 with postgresql 10.14-0ubuntu0.18.0.