Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Falcon-plus v0.3 was discovered to contain a SQL injection vulnerability via the parameter grpName in /config/service/host.go.
Advisories for Golang/Github.com/Open-Falcon/Falcon-Plus package
2022