Discovered almost 5 years ago
Source: static code analysis
Category: SQL Injection
Confidence level: Medium

Problem

Possible SQL injection

Location

app/models/user_search.rb:95

User.joins("JOIN (SELECT unnest uid, row_number() OVER () AS rn\n      FROM unnest('{#{search_ids.join(",")}}'::int[])\n    ) x on uid = users.id")

Category description: SQL injection is when a user is able to manipulate a value which is used unsafely inside a SQL query.

Solution: fix the issue in app/models/user_search.rb or mark it as false positive.