Ticket #2033 (closed defeito: fixed)
Correção de vulnerabilidade
Reported by: | brunocosta | Owned by: | ninguem |
---|---|---|---|
Priority: | normal | Milestone: | Expresso 2.2.6 |
Component: | API | Version: | branch 2.2 |
Severity: | grave | Keywords: | TAG2.2.0.1.5, SS 112506, Sync24 |
Cc: | WorkGroup: |
Description (last modified by brunocosta) (diff)
Corrogir possível vulnerabilidade no sistema.
Change History
comment:1 Changed 13 years ago by brunocosta
- Status changed from new to closed
- Resolution set to fixed
comment:2 Changed 13 years ago by guilherme.silva
- Keywords TAG2.2.0.1.5, SS 112506 added; TAG2.2.0.1.5 removed
comment:3 Changed 13 years ago by brunocosta
- Status changed from closed to reopened
- Summary changed from SQL Injection no arquivo class.categories.inc.php to Correção de vulnerabilidade
- Resolution fixed deleted
- Description modified (diff)
- Milestone changed from Expresso 2.2.0.1 to Expresso 2.2.6
Note: See
TracTickets for help on using
tickets.
Resolvido na [4632]
Incluído "escape" para evitar sql injection, em class.categories.inc.php na função return_sorted_array.