
Commit 89ba8202 authored by Joshua Wise, committed by Evan Prodromou

Escape argument to prevent SQL injection attack in User::getTaggedSubscriptions()

This change escapes the $tag argument to prevent a SQL injection
attack in User::getTaggedSubscriptions(). The parameter was not
escaped higher up the stack, so this vulnerability could be exploited.
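To make the defect and the two ways of closing it concrete, here is an added example (not GNU social's code and not part of this commit) that contrasts the unescaped sprintf() query, the escaped variant the commit introduces, and a prepared statement, on an in-memory SQLite database. The table layout, the `$qry` format string and the sample rows are constructed for illustration; the project's own `$qry` is not visible in the hunk, and `$profile->escape()` is stood in for by PDO's `quote()`.

```php
<?php
// Added example, not GNU social's code. Assumptions: a profile_tag table
// (tagger, tagged, tag), a format string with %d for the user id and a
// quoted '%s' for the tag, and PDO::quote() as a stand-in for escape().
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE profile_tag (tagger INTEGER, tagged INTEGER, tag TEXT)');
// Constructed sample data; one tag legitimately contains an apostrophe.
$db->exec("INSERT INTO profile_tag VALUES (1, 2, 'friends'), (1, 3, 'o''neil')");

$userId = 1;
$qry = "SELECT tagged FROM profile_tag WHERE tagger = %d AND tag = '%s'";

// Before the fix: $tag is interpolated verbatim, so any quote character in it
// changes the structure of the statement instead of staying inside the literal.
function vulnerableSql(string $qry, int $userId, string $tag): string
{
    return sprintf($qry, $userId, $tag);
}

// What the commit does: neutralise quote characters before interpolation.
// PDO::quote() returns the value wrapped in quotes, so the outer pair is
// trimmed to fit the '%s' literal already present in $qry. (SQLite doubles
// the apostrophe; MySQL's escape function would backslash it instead.)
function escapedSql(PDO $db, string $qry, int $userId, string $tag): string
{
    $quoted = $db->quote($tag);
    return sprintf($qry, $userId, substr($quoted, 1, -1));
}

// Preferred form: bind the values and let the driver keep data and SQL apart.
function fetchTagged(PDO $db, int $userId, string $tag): array
{
    $stmt = $db->prepare('SELECT tagged FROM profile_tag WHERE tagger = ? AND tag = ?');
    $stmt->execute([$userId, $tag]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$tag = "o'neil";

echo vulnerableSql($qry, $userId, $tag), "\n";
// ... AND tag = 'o'neil'  -- the apostrophe terminates the literal early
try {
    $db->query(vulnerableSql($qry, $userId, $tag));
} catch (PDOException $e) {
    echo "unescaped query rejected by the parser: ", $e->getMessage(), "\n";
}

echo escapedSql($db, $qry, $userId, $tag), "\n";
// ... AND tag = 'o''neil'  -- the literal survives intact
print_r($db->query(escapedSql($db, $qry, $userId, $tag))->fetchAll(PDO::FETCH_COLUMN));

print_r(fetchTagged($db, $userId, $tag));  // same result, no string assembly
```

The escaped and the prepared variants both return the tagged id 3 for the apostrophe-bearing tag; the unescaped one fails to parse, which is the benign face of the same defect that lets crafted input rewrite the statement.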
parent 4a30da92
......@@ -758,7 +758,7 @@ class User extends Managed_DataObject
$profile = new Profile();
$profile->query(sprintf($qry, $this->id, $tag));
$profile->query(sprintf($qry, $this->id, $profile->escape($tag)));
return $profile;
}
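Review bot: The replacement line escapes $tag but still passes $this->id through sprintf() uncast, and $qry itself is not in the hunk, so it is worth confirming two things: that the %s receiving the tag sits inside a quoted literal in $qry (escape() only neutralises quote characters relative to surrounding quotes), and that the id placeholder is %d or the value is cast with (int) before interpolation. A regression test calling User::getTaggedSubscriptions() with a tag containing a single quote would lock the fix in and catch any future caller that reintroduces the raw argument.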