Bug #23028
Updated by Tomer Brisker over 6 years ago
Widget id is not properly escaped for save_positions action on the dashboard, leading to SQL injection possibility.
This only allows injecting conditions to the select conditions, as it is a prepared query it does not allow executing additional commands.
It is only available to authenticated users.
This issue was reported by Martin Povolný from Red Hat.