  1. CESeCore
  2. CESECORE-269

SQL injection flaws in QueryCriteria

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 1.1.1
    • Fix Version/s: 1.1.2
    • Component/s: None
    • Labels:
      None

      Description

      There are security issues in class "QueryCriteria". Parameters are no longer checked before being used, and we can inject SQL code in the arguments of the methods eq(), leq(), lsr(), gep(), grt(), isNull(), isNotNull() and so on. These are blind SQL injection vulnerabilities.

      e.g.: isNotNull("eventType IS NOT NULL and 1=1 and eventType ") is not filtered/sanitized.

              People

              Assignee:
              regadas Filipe Regadas
              Reporter:
              tomas Tomas Gustavsson
              Verified by:
              Tomas Gustavsson

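The flaw described in this issue, as an added example that is not CESeCore code and not the project's actual fix: a criteria builder that concatenates the field-name argument, next to one that accepts only allow-listed field names and binds values as parameters. The class `CriteriaDemo`, its methods and the `ALLOWED` column set are hypothetical, and the column names other than `eventType` are constructed for illustration.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Set;

// Hypothetical criteria builder for illustration; not CESeCore's QueryCriteria.
public class CriteriaDemo {
    // Assumed allow-list of queryable columns (constructed for this example).
    static final Set<String> ALLOWED = Set.of("eventType", "eventStatus", "timeStamp");

    private final List<String> clauses = new ArrayList<>();
    private final List<Object> params = new ArrayList<>();

    // Unchecked form: the field argument is concatenated into the query as given.
    static String unsafeIsNotNull(String field) {
        return field + " IS NOT NULL";
    }

    // Checked form: only an exact, allow-listed name may reach the query text.
    static String column(String field) {
        if (field == null || !ALLOWED.contains(field)) {
            throw new IllegalArgumentException("Unknown field: " + field);
        }
        return field;
    }

    CriteriaDemo isNotNull(String field) {
        clauses.add(column(field) + " IS NOT NULL");
        return this;
    }

    // Values never enter the query text; they are kept for parameter binding.
    CriteriaDemo eq(String field, Object value) {
        clauses.add(column(field) + " = ?");
        params.add(value);
        return this;
    }

    String where() { return String.join(" AND ", clauses); }

    public static void main(String[] args) {
        String reported = "eventType IS NOT NULL and 1=1 and eventType "; // from the report
        System.out.println("unchecked: " + unsafeIsNotNull(reported));
        CriteriaDemo c = new CriteriaDemo().isNotNull("eventType").eq("eventStatus", "SUCCESS");
        System.out.println("checked:   " + c.where() + "  params=" + c.params);
        try {
            new CriteriaDemo().isNotNull(reported);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected:  " + e.getMessage());
        }
    }
}
```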