Onyx2406 opened a new pull request, #3690:
URL: https://github.com/apache/fineract/pull/3690

   ## Description
   
   Purpose:
   This pull request addresses a potential SQL injection vulnerability detected 
by SONAR in our data querying mechanism. The identified issue arises from the 
direct concatenation of user-controlled input strings into SQL queries. 
   
   Changes:
   Refactored the queryDataTable method to use prepared statements.
   
   ## Checklist
   
   Please make sure these boxes are checked before submitting your pull request 
- thanks!
   
   - [x] Write the commit message as per 
https://github.com/apache/fineract/#pull-requests
   
   - [x] Acknowledge that we will not review PRs that are not passing the build 
_("green")_ - it is your responsibility to get a proposed PR to pass the build, 
not primarily the project's maintainers.
   
   - [x] Create/update unit or integration tests for verifying the changes made.
   
   - [x] Follow coding conventions at 
https://cwiki.apache.org/confluence/display/FINERACT/Coding+Conventions.
   
   - [x] Add required Swagger annotation and update API documentation at 
fineract-provider/src/main/resources/static/legacy-docs/apiLive.htm with 
details of any API changes
   
   - [x] Submission is not a "code dump".  (Large changes can be made "in 
repository" via a branch.  Ask on the developer mailing list for guidance, if 
required.)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
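Added example, not code from this pull request or from Fineract: a Python sqlite3 sketch of the pattern the description refers to, with a hypothetical concatenating query beside a parameterized one. The schema, the sample rows and the `secrets` table are constructed here. It also shows the caveat a reviewer would raise for a data-table endpoint: table and column names cannot be bound as parameters, so they have to be validated separately.

```python
import sqlite3

# Constructed sample schema and rows (not Fineract's schema): one data table
# plus an unrelated table holding something an attacker would want to read.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE m_client (id INTEGER, display_name TEXT, office_id INTEGER)")
    conn.executemany(
        "INSERT INTO m_client VALUES (?, ?, ?)",
        [(1, "alice", 10), (2, "bob", 10), (3, "carol", 20)],
    )
    conn.execute("CREATE TABLE secrets (token TEXT)")
    conn.execute("INSERT INTO secrets VALUES ('s3cr3t')")
    return conn


def query_vulnerable(conn, table, column, value):
    """Hypothetical 'before' shape: every caller-supplied piece is glued into
    the SQL text, so a value containing a quote rewrites the statement."""
    sql = ("SELECT id, display_name FROM " + table
           + " WHERE " + column + " = '" + value + "'")
    return conn.execute(sql).fetchall()


# Allowlist of identifiers the endpoint may query (constructed for the example).
ALLOWED_COLUMNS = {"m_client": {"id", "display_name", "office_id"}}


def query_hardened(conn, table, column, value):
    """Prepared-statement form. The value is bound through a placeholder and
    can never change the statement. Table and column names cannot be bound,
    so they are checked against an allowlist before being quoted into the SQL."""
    if table not in ALLOWED_COLUMNS or column not in ALLOWED_COLUMNS[table]:
        raise ValueError(f"unknown table or column: {table}.{column}")
    sql = f'SELECT id, display_name FROM "{table}" WHERE "{column}" = ?'
    return conn.execute(sql, (value,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    tautology = "x' OR '1'='1"
    union = "x' UNION SELECT 1, token FROM secrets --"
    print(query_vulnerable(db, "m_client", "display_name", tautology))  # all three clients
    print(query_vulnerable(db, "m_client", "display_name", union))      # [(1, 's3cr3t')]
    print(query_hardened(db, "m_client", "display_name", tautology))    # []
    print(query_hardened(db, "m_client", "display_name", "alice"))      # [(1, 'alice')]
```

The same split applies in JDBC: `PreparedStatement` with `?` placeholders and `setString` covers the values, but a query that takes the table or column name from the request still needs an allowlist (or a lookup against registered data-table metadata), because the driver cannot parameterize identifiers.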