Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0009577 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| defect | [Openbravo ERP] Z. Others | major | have not tried | 2009-06-22 11:38 | 2011-10-28 18:56 | |||
| Reporter | shuehner | View Status | public | |||||
| Assigned To | iciordia | |||||||
| Priority | urgent | Resolution | no change required | Fixed in Version | ||||
| Status | closed | Fix in branch | Fixed in SCM revision | |||||
| Projection | none | ETA | none | Target Version | ||||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | pi | SCM revision | ||||||
| Merge Request Status | ||||||||
| Review Assigned To | ||||||||
| OBNetwork customer | No | |||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Support ticket | ||||||||
| Regression level | ||||||||
| Regression date | ||||||||
| Regression introduced in release | ||||||||
| Regression introduced by commit | ||||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0009577: Audit all xsql to ensure that all xsql-parameters of type argument/replace are properly validated - part2 | |||||||
| Description | All xsql parameters of type argument/replace are potential candidates for injection sql code into the query. The code should be audited to ensure that the parameters' value have been properly validated by the callers. | |||||||
| Tags | No tags attached. | |||||||
| Attached Files | ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
||||||||
|
||||||||
 Relationships |
|
Notes |
|
|
(0042294) iciordia (viewer) 2011-10-28 18:56 |
xsql mechanism is being discontinued and replaced by DAL. |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2009-06-22 11:38 | shuehner | New Issue | |
| 2009-06-22 11:38 | shuehner | Assigned To | => rafaroda |
| 2009-06-22 11:38 | shuehner | OBNetwork customer | => No |
| 2009-06-22 11:38 | shuehner | Issue generated from | 0009501 |
| 2009-06-22 11:38 | shuehner | Relationship added | related to 0009501 |
| 2009-06-29 13:25 | psarobe | Status | new => scheduled |
| 2009-06-29 13:25 | psarobe | Assigned To | rafaroda => shuehner |
| 2009-06-29 13:25 | psarobe | fix_in_branch | => pi |
| 2009-06-30 13:40 | psarobe | Assigned To | shuehner => rafaroda |
| 2009-06-30 13:40 | psarobe | fix_in_branch | pi => |
| 2009-07-10 16:43 | pjuvara | Priority | immediate => urgent |
| 2010-02-11 18:05 | rafaroda | Assigned To | rafaroda => adrianromero |
| 2011-06-03 11:00 | dalsasua | Assigned To | adrianromero => dalsasua |
| 2011-07-20 18:11 | dalsasua | Assigned To | dalsasua => jonalegriaesarte |
| 2011-10-28 18:15 | psarobe | Assigned To | jonalegriaesarte => iciordia |
| 2011-10-28 18:56 | iciordia | Note Added: 0042294 | |
| 2011-10-28 18:56 | iciordia | Status | scheduled => closed |
| 2011-10-28 18:56 | iciordia | Resolution | open => no change required |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |