Unsanitized input in NoSQL query

  • Rule ID: javascript_express_nosql_injection
  • Languages: javascript
  • Source: nosql_injection.yml

Description

Using unsanitized data in NoSQL queries exposes your application to NoSQL injection attacks. This vulnerability arises when user input, request data, or any externally influenced data is passed directly into a NoSQL query function without proper sanitization. Unlike SQL injection, the attacker usually does not need to break out of a string: when the request body or query string is parsed into objects (for example by express.json()), a value such as { "$ne": "" } or { "$gt": "" } reaches the query as a live query operator and can match every document instead of one.

Remediations

  • Do not include raw, unsanitized user input in NoSQL queries. This practice can lead to NoSQL injection vulnerabilities.

      const User = require("../models/user");
      const newUser = new User(req.body); // unsafe: the whole request body is passed through untouched

  • Do sanitize all input data before using it in NoSQL queries. Coercing or validating each value to the primitive type the query expects (here, a string) prevents an attacker-supplied object from being interpreted as a query operator.

      const User = require("../models/user");

      const username = req.params.username;
      User.findOne({ name: username.toString() });

    Note that Express route parameters (req.params) are always strings; the values most likely to arrive as objects are req.body and req.query. Also, .toString() throws when the value is undefined, so an explicit type check (reject anything that is not a string) fails closed and is preferable to relying on coercion alone.
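The following is an added example, not code from the Bearer rule or from any Express project. It shows the operator-injection mechanism end to end: a login filter built from an untouched request body, the payload that matches every user, and two hardened versions of the same lookup (string coercion, as in the remediation above, and strict type validation). Because it has to run offline, the "collection" and the `find`/`fieldMatches` functions are a constructed stand-in for the equality, `$ne`, `$gt` and `$regex` semantics of the MongoDB query language, not the real driver; `assertString` and the sample users are hypothetical.

```javascript
// Added example: operator injection through an untyped request value,
// and two ways to neutralise it. The collection and matcher below are a
// constructed stand-in for MongoDB query semantics so the code runs
// offline; they are not the real driver or Mongoose.

// Constructed sample data.
const users = [
  { name: "alice", password: "s3cret" },
  { name: "bob", password: "hunter2" },
];

// Returns true when a stored field value satisfies a query condition.
// An object whose keys all start with "$" is treated as a set of
// operators, as the MongoDB query language does; anything else is an
// equality test against the stored value.
function fieldMatches(value, cond) {
  const keys =
    cond !== null && typeof cond === "object" && !Array.isArray(cond)
      ? Object.keys(cond)
      : [];
  const isOperator = keys.length > 0 && keys.every((k) => k.startsWith("$"));
  if (!isOperator) return JSON.stringify(value) === JSON.stringify(cond);
  return keys.every((op) => {
    switch (op) {
      case "$ne":
        return value !== cond[op];
      case "$gt":
        return value > cond[op];
      case "$regex":
        return new RegExp(cond[op]).test(String(value));
      default:
        return false; // unsupported operators never match in this stand-in
    }
  });
}

// Minimal find(): every field in the query must match the document.
function find(collection, query) {
  return collection.filter((doc) =>
    Object.entries(query).every(([field, cond]) => fieldMatches(doc[field], cond))
  );
}

// Vulnerable: body values go into the filter untouched. With express.json()
// a client can send {"username": {"$ne": ""}, "password": {"$ne": ""}}
// and the filter matches every user, so the first one is "logged in".
function loginUnsafe(body) {
  return find(users, { name: body.username, password: body.password });
}

// Hardened (coercion): force each value to a string. An operator object
// becomes "[object Object]", which matches nothing. Side effect: a missing
// field becomes the string "undefined", which is why validation is preferred.
function loginCoerced(body) {
  return find(users, {
    name: String(body.username),
    password: String(body.password),
  });
}

// Hardened (validation): reject anything that is not a string before it
// reaches the query. Fails closed and makes the expected type explicit.
// assertString is a hypothetical helper written for this example.
function assertString(value, field) {
  if (typeof value !== "string") {
    throw new TypeError(`${field} must be a string`);
  }
  return value;
}

function loginValidated(body) {
  return find(users, {
    name: assertString(body.username, "username"),
    password: assertString(body.password, "password"),
  });
}

// Constructed request bodies: one honest login and one operator injection.
const honest = { username: "alice", password: "s3cret" };
const injected = { username: { $ne: "" }, password: { $ne: "" } };

console.log("unsafe/honest  :", loginUnsafe(honest).length);    // 1
console.log("unsafe/injected:", loginUnsafe(injected).length);  // 2 (every user)
console.log("coerced/injected:", loginCoerced(injected).length); // 0
```

The same payload also works against a real Mongoose `User.findOne({ name: req.body.username, password: req.body.password })`; the stand-in only exists so the behaviour can be observed without a database. In a real handler, the validation variant belongs at the boundary (a schema validator on `req.body`) rather than inline in every query.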

References

Associated CWE

Configuration

To skip this rule during a scan, use the following flag

bearer scan /path/to/your-project/ --skip-rule=javascript_express_nosql_injection

To run only this rule during a scan, use the following flag

bearer scan /path/to/your-project/ --only-rule=javascript_express_nosql_injection