Commit
SQL injection in mc_project_get_attachments()
This is a follow-up on CVE-2014-1609 / issue #16880. Edwin Gozeling and Wim Visser from ITsec Security Services BV (http://www.itsec.nl) discovered that the fix in #16880 did not fully address the problem. Their research demonstrates that using a specially crafted project id parameter, an attacker could still perform an SQL injection. The same issue was also reported by Paul Richards in issue #17823. This patch fixes the problem by typecasting the Project ID parameter to Integer. Fixes #17812, CVE-2014-8554
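As an added illustration, not code from MantisBT or from this commit: a small Python model of the pre-fix pattern (an untrusted project id concatenated into the query) beside the integer-cast fix the message describes, run against an in-memory SQLite table with constructed rows. `php_int_cast` is an assumed helper that imitates PHP's explicit `(int)` cast on a string (leading digits are kept, anything else becomes 0, nothing is raised); the table and file names are made up for the example.

```python
import re
import sqlite3


def make_db():
    """Constructed sample data; not MantisBT's real schema."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE project_file (id INTEGER, project_id INTEGER, filename TEXT);
        INSERT INTO project_file VALUES (1, 1, 'public.txt');
        INSERT INTO project_file VALUES (2, 2, 'private.txt');
        INSERT INTO project_file VALUES (3, 2, 'secret.pdf');
        """
    )
    return conn


def php_int_cast(value):
    """Assumed helper modelling PHP's explicit (int) cast on a string:
    optional leading whitespace, optional sign and digits are taken,
    any other input yields 0. It never raises, so the result is always
    a bare integer with no SQL syntax in it."""
    m = re.match(r"\s*([+-]?\d+)", str(value))
    return int(m.group(1)) if m else 0


def get_attachments_vulnerable(conn, project_id):
    """Pre-fix pattern: the caller-supplied id is spliced into the SQL text."""
    query = (
        "SELECT filename FROM project_file WHERE project_id = "
        + str(project_id)
        + " ORDER BY id"
    )
    return [row[0] for row in conn.execute(query)]


def get_attachments_fixed(conn, project_id):
    """The fix described in the commit: typecast the id to integer first.
    The query text is still built by concatenation, but only digits can
    reach it, so the crafted input cannot change the WHERE clause."""
    project_id = php_int_cast(project_id)
    query = (
        "SELECT filename FROM project_file WHERE project_id = "
        + str(project_id)
        + " ORDER BY id"
    )
    return [row[0] for row in conn.execute(query)]


def get_attachments_bound(conn, project_id):
    """Defence-in-depth variant: a bound parameter. The raw string is
    compared as a single value, so the payload matches no row at all."""
    return [
        row[0]
        for row in conn.execute(
            "SELECT filename FROM project_file WHERE project_id = ? ORDER BY id",
            (project_id,),
        )
    ]


def demo():
    """Run the three variants on a legitimate id and on a crafted one."""
    conn = make_db()
    payload = "1 OR 1=1"  # constructed attacker-controlled project id
    return {
        "legit_vuln": get_attachments_vulnerable(conn, "1"),
        "payload_vuln": get_attachments_vulnerable(conn, payload),
        "payload_fixed": get_attachments_fixed(conn, payload),
        "payload_bound": get_attachments_bound(conn, payload),
    }


if __name__ == "__main__":
    for name, files in demo().items():
        print(f"{name}: {files}")
```

The crafted id turns `project_id = 1` into `project_id = 1 OR 1=1` in the vulnerable variant and returns every project's attachments; after the cast the same input collapses to `1`. Note that the cast fix silently maps garbage such as `"abc"` to 0 rather than rejecting it, which is why a bound parameter plus an explicit validity check is the stronger shape.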