Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.
Hi everyone,
While doing testing on one of our reports we uncovered that we can actually perform SQL injection via the Q&A visual .
You can even test this by writting
'or 1=1--
in the Q&A visual of the Power BI sample report offered by Microsoft called "Sales and Returns sample v201912"
Is there a way to stop SQL injections from taking place via the Q&A visual ?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.