Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
Microsoft SQL Server Elevation of Privilege Vulnerability↗2025-11-11
▶
GHSA
GHSA-pm2c-qc4c-h96f: Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges↗2025-11-11
▶
📋Vendor Advisories
1
Microsoft
Microsoft SQL Server Elevation of Privilege Vulnerability↗2025-11-11
▶
CVE-2025-59499 (HIGH CVSS 8.8) | Improper neutralization of special | cvebase.io