aboutsummaryrefslogtreecommitdiffstats
path: root/Bugzilla/User.pm
diff options
context:
space:
mode:
authorjustdave%syndicomm.com <>2003-11-03 11:31:30 +0000
committerjustdave%syndicomm.com <>2003-11-03 11:31:30 +0000
commita4e75a434f1fbbae4b438927ae02958baad7f1b7 (patch)
tree74a5ab12bbf20c934af898475a3f6c7303b68013 /Bugzilla/User.pm
parenta30e5f2cf9b04a8a377186ecb3b90b4311d23894 (diff)
downloadbugs-a4e75a434f1fbbae4b438927ae02958baad7f1b7.tar
bugs-a4e75a434f1fbbae4b438927ae02958baad7f1b7.tar.gz
bugs-a4e75a434f1fbbae4b438927ae02958baad7f1b7.tar.bz2
bugs-a4e75a434f1fbbae4b438927ae02958baad7f1b7.tar.xz
bugs-a4e75a434f1fbbae4b438927ae02958baad7f1b7.zip
[SECURITY] Bug 219044: A user with 'editkeywords' privileges (i.e. usually an administrator) can inject arbitrary SQL via the URL used to edit an existing keyword.
Patch by Joel Peshkin <bugreport@peshkin.net> r= justdave, zach a= justdave
Diffstat (limited to 'Bugzilla/User.pm')
0 files changed, 0 insertions, 0 deletions