
Opened 4 years ago

Last modified 17 months ago

#8703 new defect

SQL injection vulnerability/SQL compatibility

Reported by: anonymous
Owned by: rjollos
Priority: normal
Component: TracTicketStatsPlugin
Severity: normal
Keywords:
Cc:
Trac Release: 0.11

Description

The arguments to the SQL statements are not properly escaped. This results in a possibility of SQL injection, and also database compatibility issues.

Disclaimer - I'm not really a Python programmer, so the attached patch may not be the optimal approach. However, it does remove the % operator, which is at the root of the SQL injection problem, and also removes the double quotes around the milestone value (which don't work with Postgres 9.x).
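The pattern the report describes (a value spliced into the SQL text with the % operator and wrapped in double quotes) beside the bind-parameter form that the fix in [13107] moves toward, as an added example that is not part of the ticket, the attached patch, or the plugin's code. It runs against an in-memory SQLite table filled with constructed sample rows; the table layout and the count query are assumptions made for the demonstration, and the `?` placeholder is the sqlite3 module's, where Trac's own database API takes `%s` with the same `(sql, params)` calling convention.

```python
import sqlite3

# Constructed stand-in for a Trac "ticket" table (assumption: sample data for
# the demonstration, not the plugin's own schema or code).
SAMPLE_TICKETS = [
    ("milestone1", "new"),
    ("milestone1", "closed"),
    ("milestone2", "new"),
    ("status", "new"),        # a milestone whose name collides with a column name
    ('1.0 "beta"', "new"),    # a milestone name that contains a double quote
]


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE ticket (id INTEGER PRIMARY KEY, milestone TEXT, status TEXT)")
    conn.executemany("INSERT INTO ticket (milestone, status) VALUES (?, ?)", SAMPLE_TICKETS)
    return conn


def count_unsafe(conn, milestone):
    # The pattern the ticket describes: the value is spliced into the SQL text
    # with the % operator and wrapped in double quotes. The database parser
    # sees whatever the value contains, and in standard SQL double quotes
    # delimit an identifier, not a string (PostgreSQL enforces this; SQLite
    # only falls back to a string literal when no such column exists).
    sql = 'SELECT COUNT(*) FROM ticket WHERE milestone = "%s"' % milestone
    return conn.execute(sql).fetchone()[0]


def count_safe(conn, milestone):
    # Hardened form: a bind parameter. The value travels separately from the
    # SQL text, so quotes inside it are data, never syntax, and no identifier
    # quoting is involved. sqlite3 uses "?" markers; Trac's db API uses "%s".
    sql = "SELECT COUNT(*) FROM ticket WHERE milestone = ?"
    return conn.execute(sql, (milestone,)).fetchone()[0]


def try_unsafe(conn, milestone):
    # Return the count, or the database error text when the spliced value
    # changed the SQL text enough to break parsing.
    try:
        return count_unsafe(conn, milestone)
    except sqlite3.Error as exc:
        return "error: %s" % exc


def demo():
    conn = make_db()
    return {
        # Bind parameters: every milestone name is matched literally.
        "safe_milestone1": count_safe(conn, "milestone1"),
        "safe_status": count_safe(conn, "status"),
        "safe_quoted": count_safe(conn, '1.0 "beta"'),
        # Double-quoted splice: "status" is read as the column name, so the
        # query compares the milestone column to the status column (0 rows).
        "unsafe_status": try_unsafe(conn, "status"),
        # A double quote inside the value terminates the quoted token early
        # and the remainder is parsed as SQL, so the statement fails.
        "unsafe_quoted": try_unsafe(conn, '1.0 "beta"'),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "->", value)
```

The `unsafe_status` case is the database-compatibility half of the report: because double quotes denote identifiers, a milestone whose name happens to match a column is silently compared against that column instead of the string, and on PostgreSQL any milestone name that is not a column name is an error outright. The `unsafe_quoted` case is the injection half: the value is reaching the SQL parser as text, so whatever it contains is interpreted as SQL rather than as data.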

Attachments (1)

tracticketstatsplugin-sql-injection.patch (4.0 KB) - added by anonymous 4 years ago.
Fix


Change History (5)

Changed 4 years ago by anonymous

Fix

comment:1 Changed 18 months ago by rjollos

  • Status changed from new to assigned

#3899 closed as a duplicate.

comment:2 Changed 18 months ago by rjollos

#3421 closed as a duplicate.

comment:3 Changed 18 months ago by rjollos

(In [13107]) Refs #8703, #7001: Optimize SQL queries and properly utilize the Trac database API to prevent SQL injection and improve cross-DB compatibility.

comment:4 Changed 17 months ago by rjollos

  • Status changed from assigned to new
