Fix sort_by not being filtered in search form #1252
Conversation
Check the sort_by value in the request with the default table before entering the query.

Fix bug Time-Based Blind SQL Injection

Disclosure: https://huntr.dev/bounties/668789af-8781-461c-99bb-d159e5a1d877/

Signed-off-by: Elan Ruusamäe <glen@pld-linux.org>
rebased, added changelog myself. enabled auto merge

ps: fixed "Disclosure" typo in your commit message.

Damn, the PR is buggy. should have tested it locally.

However, are you saying the method is not escaping properly?

Also, this fix completely disables searching by custom fields:

And resetting the ORDER BY desc, iss_id DESC

@noobpk where or how did you obtain what to fill as
ok. there's dropdown for sort_by, let's go with that:

```html
<label>Sort By<br />
<select name="sort_by">
<option value="last_action_date" >Last Action Date</option>
<option value="pri_rank" >Priority</option>
<option value="iss_id" >Issue ID</option>
<option value="sta_rank" >Status</option>
<option value="iss_summary" >Summary</option>
</select>
</label>
```
New fix: so far the injected SQL is not appearing in the query log.

oops!! sorry about that. my mistake :((

well. the whole thing was untested. see other notes as well. had to re-do the whole fix
Check sort_by value before query
Check the sort_by value in the request with the default table before entering the query.
Fix bug Time-Based Blind SQL Injection
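As an added example (not Eventum's own code), the allowlist check the fix describes, written in Python: the column names are the values of the `sort_by` dropdown quoted above, while the `sort_order` parameter name and the `iss_id` tiebreaker are assumptions.

```python
# Added illustration, not code from the Eventum project: validate the
# "sort_by" and "sort_order" request values against an allowlist before
# they are spliced into an ORDER BY clause. Identifiers cannot be bound as
# query parameters, so escaping does not help here; only allowlisting does.
# Column names come from the search form's <select name="sort_by">; the
# "sort_order" parameter name and the iss_id tiebreaker are assumptions.

# Exactly the values the dropdown can legitimately send.
ALLOWED_SORT_COLUMNS = {
    "last_action_date",
    "pri_rank",
    "iss_id",
    "sta_rank",
    "iss_summary",
}
ALLOWED_SORT_ORDER = {"ASC", "DESC"}

DEFAULT_SORT_BY = "last_action_date"
DEFAULT_SORT_ORDER = "DESC"


def sanitize_sort(request: dict) -> tuple[str, str]:
    """Return (column, direction); anything outside the allowlists, including
    non-string values a framework may hand back, falls back to the defaults."""
    sort_by = request.get("sort_by", DEFAULT_SORT_BY)
    if not isinstance(sort_by, str) or sort_by not in ALLOWED_SORT_COLUMNS:
        sort_by = DEFAULT_SORT_BY
    sort_order = request.get("sort_order", DEFAULT_SORT_ORDER)
    if not isinstance(sort_order, str) or sort_order.upper() not in ALLOWED_SORT_ORDER:
        sort_order = DEFAULT_SORT_ORDER
    return sort_by, sort_order.upper()


def build_order_by(request: dict) -> str:
    """Build the ORDER BY fragment from validated values only, keeping the
    secondary iss_id DESC ordering (assumed) so paging stays stable."""
    column, direction = sanitize_sort(request)
    if column == "iss_id":
        return f"ORDER BY iss_id {direction}"
    return f"ORDER BY {column} {direction}, iss_id DESC"


if __name__ == "__main__":
    # Constructed request values: one legitimate, one outside the allowlist.
    print(build_order_by({"sort_by": "pri_rank", "sort_order": "asc"}))
    print(build_order_by({"sort_by": "not_a_real_column"}))
```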