Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

Merge commit 'refs/changes/82/10682/7' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD

Download Browse

* ssh://gerrit.tuleap.net:29418/tuleap: request #11192: Filters set in tracker reports are vulnerable to SQL injections

+29 −46
Nicolas Terray (nterray) 2018-02-27 13:57
Nicolas Terray (nterray) 2018-02-27 13:57
e14a87fe10e83c743e1ee0df83dcd46cfa03cc4e
git #tuleap/stable/e14a87fe10e83c743e1ee0df83dcd46cfa03cc4e

Modified Files

Side by side diff
Inline diff
Name
M plugins/tracker/include/Tracker/FormElement/Tracker_FormElement_Field_Date.class.php +6 −27 Go to diff View file
M plugins/tracker/include/Tracker/FormElement/Tracker_FormElement_Field_LastModifiedBy.class.php +4 −3 Go to diff View file
M plugins/tracker/include/Tracker/FormElement/Tracker_FormElement_Field_List_Bind.class.php +9 −5 Go to diff View file
M plugins/tracker/include/Tracker/FormElement/Tracker_FormElement_Field_OpenList.class.php +3 −5 Go to diff View file
M plugins/tracker/include/Tracker/FormElement/Tracker_FormElement_Field_SubmittedBy.class.php +7 −6 Go to diff View file