
Ticket #132 (new defect)

Opened 3 years ago

Last modified 3 years ago

DB resources is vulnerable to (H)SQL injection

Reported by: bruno Owned by: jgou
Priority: major Milestone: 0.5
Component: modules/kauri-dbresources Version: trunk
Keywords: Cc:

Description

DB resources builds queries by injecting parts from the URI into them, unescaped.

See for example this code in JpaUtils:

where.append(select.toString() + ".id = ");
where.append(segment.isVariable() ? attributes.get(segment.getName()) : segment.getName());

There is some sort of protection though because of issue #131.
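A parameterized version of the predicate construction quoted above, as an added example (not the project's code): the value selected for a segment is bound with a JPA named parameter instead of being concatenated into the JPQL text. The Segment and Result classes are hypothetical stand-ins for the ticket's types, and the EntityManager call is left to the caller.

```java
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
// Builds the "<alias>.id = <value>" predicate with JPA named parameters
// instead of splicing the URI-derived value into the JPQL text.
public class SafeWhereBuilder {
    private static final Pattern IDENT = Pattern.compile("[A-Za-z_][A-Za-z0-9_]*");
    // Hypothetical stand-in for the Segment type quoted in the ticket.
    public static final class Segment {
        final String name; final boolean variable;
        Segment(String name, boolean variable) { this.name = name; this.variable = variable; }
    }
    // The query fragment plus the values to bind with Query.setParameter().
    public static final class Result {
        public final String jpql; public final Map<String, Object> params;
        Result(String jpql, Map<String, Object> params) { this.jpql = jpql; this.params = params; }
    }

    public static Result buildWhere(String alias, List<Segment> segments, Map<String, String> attributes) {
        // the alias is query text, not data, so it must be a plain identifier
        if (!IDENT.matcher(alias).matches()) throw new IllegalArgumentException("bad alias: " + alias);
        StringBuilder where = new StringBuilder();
        Map<String, Object> params = new LinkedHashMap<>();
        int n = 0;
        for (Segment s : segments) {
            if (where.length() > 0) where.append(" AND ");
            // same value selection as the original code, but the value is bound, never concatenated
            String value = s.variable ? attributes.get(s.name) : s.name;
            if (value == null) throw new IllegalArgumentException("missing attribute: " + s.name);
            String p = "p" + (n++);
            where.append(alias).append(".id = :").append(p);
            params.put(p, value);
        }
        return new Result(where.toString(), params);
    }

    public static void main(String[] args) {
        // constructed sample: template /books/{id}, id supplied by the request URI
        List<Segment> segs = new ArrayList<>();
        segs.add(new Segment("id", true));
        Map<String, String> attrs = new LinkedHashMap<>();
        attrs.put("id", "7 OR 1=1"); // arrives as the bound value of :p0, not as query syntax
        Result r = buildWhere("b", segs, attrs);
        System.out.println(r.jpql + "  " + r.params);
        // real use: Query q = em.createQuery("SELECT b FROM Book b WHERE " + r.jpql); r.params.forEach(q::setParameter);
    }
}
```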


Change History

comment:1 Changed 3 years ago by mpo

  • Milestone changed from 0.3 to 0.5

There is a plan to address some extra features in dbresources post 0.4.
See http://kauriproject.org/wiki/g2/319-kauri.html
