Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Get Fabric Certified for FREE during Fabric Data Days. Don't miss your chance! Request now

Reply
EmanuelKakuja
New Member

SQL injection in Q&A Visual

‎10-25-2021 11:28 AM

Hi everyone, 
While doing testing on one of our reports we uncovered that we can actually perform SQL injection via the Q&A visual .
You can even test this by writting 
'or 1=1--
in the Q&A visual of the Power BI sample report offered by Microsoft called "Sales and Returns sample v201912"

Is there a way to stop SQL injections from taking place via the Q&A visual ? 


Labels:
Message 1 of 3
1,600 Views
1 ACCEPTED SOLUTION
EmanuelKakuja
New Member
In response to amitchandak

‎11-01-2021 01:50 AM

Hi @amitchandak thank you for the advice ; i created the following issue ; fingers crossed 😄 

SQL injection in Q&A Visual - Microsoft Power BI Community 

 

View solution in original post

Message 3 of 3
1,455 Views
2 REPLIES 2
amitchandak
Super User
Super User

‎10-25-2021 09:12 PM

@EmanuelKakuja , Please report an issue - https://community.powerbi.com/t5/Issues/idb-p/Issues

Share with Power BI Enthusiasts: Full Power BI Video (20 Hours) YouTube
Microsoft Fabric Series 60+ Videos YouTube
Microsoft Fabric Hindi End to End YouTube
Message 2 of 3
1,491 Views
EmanuelKakuja
New Member
In response to amitchandak

‎11-01-2021 01:50 AM

Hi @amitchandak thank you for the advice ; i created the following issue ; fingers crossed 😄 

SQL injection in Q&A Visual - Microsoft Power BI Community 

 

Message 3 of 3
1,456 Views

Helpful resources

Announcements
Fabric Data Days Carousel

Fabric Data Days

Advance your Data & AI career with 50 days of live learning, contests, hands-on challenges, study groups & certifications and more!

October Power BI Update Carousel

Power BI Monthly Update - October 2025

Check out the October 2025 Power BI update to learn about new features.

FabCon Atlanta 2026 carousel

FabCon Atlanta 2026

Join us at FabCon Atlanta, March 16-20, for the ultimate Fabric, Power BI, AI and SQL community-led event. Save $200 with code FABCOMM.

View All
Top Solution Authors
View All