Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

request #16214: SQL injection in CVS revisions browser

Download Browse

Also fixes a reflected XSS via the same injection point. Change-Id: I4e4d5132e748f57db46f4b685cc18e577ed5496f

+44 −15
Thomas Gerbet (tgerbet) 2020-08-12 12:57
Thomas Gerbet (tgerbet) 2020-08-12 12:57
ff75f2899c60a4546ee2d532e68a3febd07bdd14
29022e25f508c6668204a4a5e3eb48e62bcfff9f
git #tuleap/stable/ff75f2899c60a4546ee2d532e68a3febd07bdd14

Modified Files

Side by side diff
Inline diff
Name
M src/www/cvs/browse_commit.php +2 −2 Go to diff View file
M src/www/cvs/commit_utils.php +42 −13 Go to diff View file