Project:
| View Revisions: Issue #36239 | [ Back to Issue ] | ||
| Summary | 0036239: Security problem in Create Budget Reports in Excel report | ||
| Revision | 2017-06-13 13:12 by aferraz | ||
| Description | SQL injection security problem in Create Budget Reports in Excel report. Problem is how ReportBudgetGenerateExcel.printPageDataExcel method creates the query. Parameters are appended to the query without being parsed to avoid SQL injection. See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9437 [^] |
||
| Revision | 2017-06-13 09:08 by aferraz | ||
| Description | See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9437 [^] | ||
| Copyright © 2000 - 2009 MantisBT Group |
 |