
Bug #23028

Updated by Tomer Brisker over 2 years ago

The widget id is not properly escaped in the save_positions action on the dashboard, leading to a possible SQL injection.
This only allows injecting conditions into the select conditions; as it is a prepared query, it does not allow executing additional commands.
It is only available to authenticated users.

This issue was reported by Martin Povolný from Red Hat.
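As an added illustration (not code from Foreman or from this report), the snippet below reproduces the class of bug described above in Python against an in-memory SQLite table. It shows why the scope stated above is what it is: interpolating the request-supplied widget id into the WHERE clause lets a caller widen the condition to rows belonging to other users, while the driver's single-statement execution refuses a stacked second command. The table layout, column names, user ids and widget names are constructed assumptions for the example.

```python
import sqlite3


def make_db():
    """Constructed in-memory fixture standing in for a dashboard widget table.
    Table and column names are assumptions for illustration, not Foreman's schema."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE widgets (id INTEGER PRIMARY KEY, user_id INTEGER, "
        "name TEXT, col INTEGER, row INTEGER)"
    )
    conn.executemany(
        "INSERT INTO widgets VALUES (?, ?, ?, ?, ?)",
        [
            (1, 7, "Host Configuration Status", 1, 1),
            (2, 7, "Latest Events", 2, 1),
            (3, 9, "Run Distribution Chart", 1, 1),  # belongs to another user
        ],
    )
    return conn


def widget_ids_vulnerable(conn, user_id, widget_id):
    """The bug pattern: the id from the request is pasted into the SQL text.
    The per-user condition is still present, but the attacker can OR past it."""
    sql = (
        f"SELECT id FROM widgets WHERE user_id = {int(user_id)} "
        f"AND id = {widget_id} ORDER BY id"
    )
    return [row[0] for row in conn.execute(sql)]


def stacked_statement_rejected(conn, user_id, widget_id):
    """True when the driver refuses an injected second statement.
    This is the 'prepared query, no additional commands' limit noted in the report:
    the first statement is prepared and anything after the ';' is an error,
    so condition injection works but stacked commands do not."""
    try:
        widget_ids_vulnerable(conn, user_id, widget_id)
    except (sqlite3.Warning, sqlite3.ProgrammingError):
        return True
    return False


def widget_ids_parameterized(conn, user_id, widget_id):
    """Hardened form: the id is bound as a parameter and can only ever be a value,
    never part of the query structure."""
    sql = "SELECT id FROM widgets WHERE user_id = ? AND id = ? ORDER BY id"
    return [row[0] for row in conn.execute(sql, (user_id, widget_id))]


def is_valid_widget_id(value):
    """Defence in depth: a widget id from the request must be a plain non-negative
    decimal integer; anything else is rejected before it reaches the database."""
    return isinstance(value, str) and value.isdigit()


def widget_ids_validated(conn, user_id, widget_id):
    """Validate the id, then use the parameterized query."""
    if not is_valid_widget_id(widget_id):
        raise ValueError(f"invalid widget id: {widget_id!r}")
    return widget_ids_parameterized(conn, user_id, int(widget_id))


if __name__ == "__main__":
    db = make_db()
    # Attacker is user 7 and asks for widget "1 OR 1=1" instead of "1".
    print("vulnerable, honest id  :", widget_ids_vulnerable(db, 7, "1"))
    print("vulnerable, injected   :", widget_ids_vulnerable(db, 7, "1 OR 1=1"))
    print("stacked command refused:", stacked_statement_rejected(db, 7, "1; DROP TABLE widgets"))
    print("parameterized, injected:", widget_ids_parameterized(db, 7, "1 OR 1=1"))
    print("validated, honest id   :", widget_ids_validated(db, 7, "2"))
```

The same distinction holds in a Rails controller: a condition built by string interpolation (`where("id = #{id}")`) is exactly the vulnerable builder above, whereas `where(id: id)` or `where("id = ?", id)` binds the value as ActiveRecord parameters. Coercing the id to an integer before the lookup, as `is_valid_widget_id` does, is a cheap second layer that also gives a clean error for malformed requests.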
