Meshery · Meshery · CVE-2023-46575
**Name of the Vulnerable Software and Affected Versions**
Meshery versions prior to 0.6.179
**Description**
A SQL injection issue exists, enabling a remote attacker to retrieve sensitive information and execute arbitrary code through the `order` parameter.
**Recommendations**
For versions prior to 0.6.179, update to version 0.6.179 or later to resolve the issue.
As a temporary workaround, consider restricting access to the `order` parameter to minimize the risk of exploitation.