
Commit 89ba8202 authored by Joshua Wise, committed by Evan Prodromou

Escape argument to prevent SQL injection attack in


This change escapes the $tag argument to prevent a SQL injection
attack in User::getTaggedSubscriptions(). The parameter was not
escaped higher up the stack, so this vulnerability could be exploited.
parent 4a30da92
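The pattern this commit fixes, shown as an added example that is not StatusNet/GNU social code: a query template filled in with `sprintf`, once with the tag interpolated raw (the pre-fix shape), once with the tag escaped before interpolation (the shape of the fix), and once as a prepared statement. The table, column names, row data and the hostile tag value are all constructed for the demonstration, and PDO's `quote()` stands in for the project's `$profile->escape()`; the example runs against an in-memory SQLite database so it needs no server.

```php
<?php
// Added example (not project code): contrasts an unescaped sprintf query with
// an escaped one and a parameterized one. Schema and rows are constructed.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE profile_tag (tagger INTEGER, tagged INTEGER, tag TEXT)');
$pdo->exec("INSERT INTO profile_tag VALUES (1, 10, 'friends'), (1, 11, 'friends'),
            (1, 12, 'coworkers'), (2, 20, 'friends')");

// Pre-fix shape: the caller-supplied $tag lands inside the SQL string untouched,
// so a value containing a quote rewrites the WHERE clause.
function taggedUnsafe(PDO $pdo, int $userId, string $tag): array {
    $qry = "SELECT tagged FROM profile_tag WHERE tagger = %d AND tag = '%s'";
    $sql = sprintf($qry, $userId, $tag);
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Shape of the fix: escape $tag before it is interpolated. PDO::quote() adds the
// surrounding quotes itself, so this template must not wrap %s in quotes again;
// the escaping only works if template and escaper agree on who supplies them.
function taggedEscaped(PDO $pdo, int $userId, string $tag): array {
    $qry = "SELECT tagged FROM profile_tag WHERE tagger = %d AND tag = %s";
    $sql = sprintf($qry, $userId, $pdo->quote($tag));
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Preferred form: a prepared statement keeps query structure and data apart, so
// no convention about quoting has to be honoured by every caller.
function taggedPrepared(PDO $pdo, int $userId, string $tag): array {
    $stmt = $pdo->prepare('SELECT tagged FROM profile_tag WHERE tagger = :tagger AND tag = :tag');
    $stmt->execute([':tagger' => $userId, ':tag' => $tag]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$benign  = 'friends';
$hostile = "x' OR '1'='1";   // constructed value that closes the quoted literal early

// Both forms agree on ordinary input: user 1's 'friends' rows, tagged 10 and 11.
var_dump(taggedUnsafe($pdo, 1, $benign));
var_dump(taggedEscaped($pdo, 1, $benign));
var_dump(taggedPrepared($pdo, 1, $benign));

// On the hostile value the unescaped query returns every row in the table, user 2's
// included, because the tagger = 1 condition is OR'ed away. The escaped and prepared
// forms compare the tag literally and return nothing.
var_dump(taggedUnsafe($pdo, 1, $hostile));    // [10, 11, 12, 20]
var_dump(taggedEscaped($pdo, 1, $hostile));   // []
var_dump(taggedPrepared($pdo, 1, $hostile));  // []
```

The middle function makes the caveat behind the commit concrete: escaping is only a fix when the template quotes the placeholder the escaped value is dropped into, which is something the hunk below cannot show on its own because `$qry` is defined elsewhere. A bound parameter, as in the third function, removes that dependency.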
......@@ -758,7 +758,7 @@ class User extends Managed_DataObject
$profile = new Profile();
$profile->query(sprintf($qry, $this->id, $tag));
$profile->query(sprintf($qry, $this->id, $profile->escape($tag)));
return $profile;
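Review bot: `$profile->escape($tag)` in the new `$profile->query(sprintf($qry, $this->id, $profile->escape($tag)));` line only neutralises the value if the `%s` placeholder in `$qry` is enclosed in quotes, and `$qry` is not in this hunk; please confirm the template reads `'%s'` there, or replace the sprintf interpolation with a placeholder-bound query so the quoting is enforced by the driver rather than by a template convention. The first argument, `$this->id`, is still interpolated raw; casting it with `(int)` would make that position safe by construction regardless of where the id came from.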