Earn a 50% discount on the DP-600 certification exam by completing the Fabric 30 Days to Learn It challenge.
Hi everyone,
While doing testing on one of our reports we uncovered that we can actually perform SQL injection via the Q&A visual .
You can even test this by writting
'or 1=1--
in the Q&A visual of the Power BI sample report offered by Microsoft called "Sales and Returns sample v201912"
Is there a way to stop SQL injections from taking place via the Q&A visual ?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.