Opened 6 years ago

Last modified 10 months ago

#8703 new defect

SQL injection vulnerability/SQL compatibility

Reported by: anonymous
Owned by:
Priority: normal
Component: TracTicketStatsPlugin
Severity: normal
Keywords:
Cc:
Trac Release: 0.11


The arguments to the SQL statements are not properly escaped. This results in a possibility of SQL injection, and also database compatibility issues.

Disclaimer - I'm not really a Python programmer, so the attached patch may not be the optimal approach. However, it does remove the % operator, which is at the root of the SQL injection problem, and also removes the double quotes around the milestone value (which doesn't work with Postgres 9.x).
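To make the two defects in the report concrete, here is an added example that is not the plugin's code and not the attached patch: it runs the `%`-interpolated query, the double-quoted variant, and a parameterized query (the approach the later changeset comment describes as using the Trac database API) against a constructed in-memory SQLite table. The reduced `ticket` schema, the sample milestones and the function names are assumptions made for illustration.

```python
import sqlite3

# Constructed sample data, not taken from the plugin or the ticket: (id, milestone, status).
# The milestone literally named "status" collides with a column name on purpose;
# it is what makes the double-quoting bug observable in SQLite as well as PostgreSQL.
SAMPLE_TICKETS = [
    (1, "milestone1", "new"),
    (2, "milestone1", "closed"),
    (3, "milestone2", "new"),
    (4, "O'Brien fix", "new"),
    (5, "status", "new"),
]


def make_db():
    """In-memory SQLite stand-in for Trac's ticket table (assumption: three columns suffice)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE ticket (id INTEGER PRIMARY KEY, milestone TEXT, status TEXT)")
    conn.executemany("INSERT INTO ticket VALUES (?, ?, ?)", SAMPLE_TICKETS)
    return conn


def count_vulnerable(conn, milestone):
    """Problem 1 from the report: the value is pasted into the SQL text with '%'.

    Nothing escapes the value, so a quote character inside it becomes part of the
    statement instead of part of the data.
    """
    sql = "SELECT COUNT(*) FROM ticket WHERE milestone = '%s'" % milestone
    return conn.execute(sql).fetchone()[0]


def count_double_quoted(conn, milestone):
    """Problem 2 from the report: the value is wrapped in double quotes.

    In SQL, double quotes delimit identifiers (column names), not strings. PostgreSQL
    enforces this strictly; SQLite resolves a double-quoted name as a column whenever
    one exists, so a milestone called "status" silently becomes a column comparison.
    """
    sql = 'SELECT COUNT(*) FROM ticket WHERE milestone = "%s"' % milestone
    return conn.execute(sql).fetchone()[0]


def count_parameterized(conn, milestone):
    """The fix: pass the value as a bound parameter; the driver quotes and escapes it.

    Trac's database API has the same shape with '%s' placeholders for every backend,
    e.g. cursor.execute("... WHERE milestone = %s", (milestone,)); Python's sqlite3
    module uses '?', which is what appears here.
    """
    sql = "SELECT COUNT(*) FROM ticket WHERE milestone = ?"
    return conn.execute(sql, (milestone,)).fetchone()[0]


def demo():
    """Run the three variants over the constructed data and return the observations."""
    conn = make_db()
    results = {}

    # A legitimate milestone name containing an apostrophe: the interpolated form
    # produces a malformed statement, the parameterized form just works.
    try:
        count_vulnerable(conn, "O'Brien fix")
        results["apostrophe_vulnerable"] = "ok"
    except sqlite3.OperationalError:
        results["apostrophe_vulnerable"] = "syntax error"
    results["apostrophe_parameterized"] = count_parameterized(conn, "O'Brien fix")

    # The injection the report warns about: a quote in the value rewrites the WHERE
    # clause (here into a tautology) and the filter disappears. The bound parameter is
    # compared as a plain string and matches nothing.
    tainted = "milestone2' OR '1'='1"
    results["tainted_vulnerable"] = count_vulnerable(conn, tainted)
    results["tainted_parameterized"] = count_parameterized(conn, tainted)

    # The cross-database bug: "status" in double quotes is the status column, so the
    # query compares milestone to status and misses the row whose milestone is "status".
    results["collision_double_quoted"] = count_double_quoted(conn, "status")
    results["collision_parameterized"] = count_parameterized(conn, "status")
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The double-quoted case is the one that breaks on PostgreSQL even with benign input: there, every double-quoted milestone name is an identifier lookup, and a name that is not a column is an error rather than a match. Binding the value as a parameter fixes both the injection and the quoting in one change, which is why the changeset referenced below does not need per-backend escaping.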

Attachments (1)

tracticketstatsplugin-sql-injection.patch (4.0 KB) - added by anonymous 6 years ago.


Change History (6)

Changed 6 years ago by anonymous


comment:1 Changed 4 years ago by Ryan J Ollos

Status: new → assigned

#3899 closed as a duplicate.

comment:2 Changed 4 years ago by Ryan J Ollos

#3421 closed as a duplicate.

comment:3 Changed 4 years ago by Ryan J Ollos

(In [13107]) Refs #8703, #7001: Optimize SQL queries and properly utilize the Trac database API to prevent SQL injection and improve cross-DB compatibility.

comment:4 Changed 4 years ago by Ryan J Ollos

Status: assigned → new

comment:5 Changed 10 months ago by Ryan J Ollos

Owner: Ryan J Ollos deleted
