Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SQL injection on Batch Manager, unit mode #825

Closed
plegall opened this issue Dec 18, 2017 · 0 comments
Closed

SQL injection on Batch Manager, unit mode #825

plegall opened this issue Dec 18, 2017 · 0 comments
Assignees
@plegall
Labels
Section: Security
Milestone
2.9.3

Comments

@plegall
Copy link
Member

plegall commented Dec 18, 2017
edited

The Batch Manager has a SQL injection vulnerability. The bug is not critical because it requires administration access to be exploited, but needs to be fixed anyway.

Reported by Sahil Dhar
@plegall plegall added this to the 2.9.3 milestone Dec 18, 2017
@plegall plegall self-assigned this Dec 18, 2017
plegall added a commit that referenced this issue Dec 18, 2017
@plegall
(cp 9028c75) fixes #825, check user input on Batch Manager, unit mode…
f7c8e0a 
…, to prevent SQL injection
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@plegall plegall

Labels
Section: Security
Projects
None yet
Milestone
2.9.3
Development

No branches or pull requests
1 participant
@plegall