[Dolibarr-git] [Dolibarr/dolibarr] 1623fe: FIX SQL Injection CWE-89

dolibarr-git

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Dolibarr-git] [Dolibarr/dolibarr] 1623fe: FIX SQL Injection CWE-89

From:	Laurent Destailleur
Subject:	[Dolibarr-git] [Dolibarr/dolibarr] 1623fe: FIX SQL Injection CWE-89
Date:	Fri, 06 Apr 2018 10:23:49 -0700

  Branch: refs/heads/7.0
  Home:   https://github.com/Dolibarr/dolibarr
  Commit: 1623fea6182225ecbd230312d67f38f8a391c9da
      
https://github.com/Dolibarr/dolibarr/commit/1623fea6182225ecbd230312d67f38f8a391c9da
  Author: Laurent Destailleur <address@hidden>
  Date:   2018-04-06 (Fri, 06 Apr 2018)

  Changed paths:
    M htdocs/expensereport/list.php
    M htdocs/holiday/list.php

  Log Message:
  -----------
  FIX SQL Injection CWE-89


  Commit: 78778546936911175e2ade1d0a9f6d86ff558957
      
https://github.com/Dolibarr/dolibarr/commit/78778546936911175e2ade1d0a9f6d86ff558957
  Author: Laurent Destailleur <address@hidden>
  Date:   2018-04-06 (Fri, 06 Apr 2018)

  Log Message:
  -----------
  Merge branch '7.0' of address@hidden:Dolibarr/dolibarr.git into 7.0


  Commit: 2d1183cbb75a5c7da73a779b216668e014b9fa73
      
https://github.com/Dolibarr/dolibarr/commit/2d1183cbb75a5c7da73a779b216668e014b9fa73
  Author: Laurent Destailleur <address@hidden>
  Date:   2018-04-06 (Fri, 06 Apr 2018)

  Changed paths:
    M htdocs/filefunc.inc.php
    M htdocs/main.inc.php

  Log Message:
  -----------
  FIX can bypass the CSRF protection with url with domain inside


  Commit: 417c07a6e81e68e3012864a002bf747e83d688bd
      
https://github.com/Dolibarr/dolibarr/commit/417c07a6e81e68e3012864a002bf747e83d688bd
  Author: Laurent Destailleur <address@hidden>
  Date:   2018-04-06 (Fri, 06 Apr 2018)

  Changed paths:
    M htdocs/core/actions_linkedfiles.inc.php
    M htdocs/main.inc.php

  Log Message:
  -----------
  Fix REFLECTED XSS


  Commit: 1a321e19c89183c409b1e281e77769b1887ba952
      
https://github.com/Dolibarr/dolibarr/commit/1a321e19c89183c409b1e281e77769b1887ba952
  Author: Laurent Destailleur <address@hidden>
  Date:   2018-04-06 (Fri, 06 Apr 2018)

  Changed paths:
    M htdocs/admin/company.php
    M htdocs/contact/card.php
    M htdocs/core/lib/functions.lib.php
    M htdocs/main.inc.php

  Log Message:
  -----------
  FIX XSS in company setup page


  Commit: 77f2b137b5c76b663afb4640f011ac28762f703a
      
https://github.com/Dolibarr/dolibarr/commit/77f2b137b5c76b663afb4640f011ac28762f703a
  Author: Laurent Destailleur <address@hidden>
  Date:   2018-04-06 (Fri, 06 Apr 2018)

  Changed paths:
    M htdocs/user/group/card.php

  Log Message:
  -----------
  FIX XSS


Compare: 
https://github.com/Dolibarr/dolibarr/compare/f56438112fb5...77f2b137b5c7

[Prev in Thread]

Current Thread

[Next in Thread]

[Dolibarr-git] [Dolibarr/dolibarr] 1623fe: FIX SQL Injection CWE-89, Laurent Destailleur <=

Prev by Date: [Dolibarr-git] [Dolibarr/dolibarr] f56438: FIX CWE-89
Next by Date: [Dolibarr-git] [Dolibarr/dolibarr] 84426c: Fix not not saved
Previous by thread: [Dolibarr-git] [Dolibarr/dolibarr] f56438: FIX CWE-89
Next by thread: [Dolibarr-git] [Dolibarr/dolibarr] 84426c: Fix not not saved
Index(es):
- Date
- Thread