connect-pg-simple before 6.0.1 allows SQL injection if tableName or schemaName is untrusted data.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected