Public bug reported:
I discovered a strange issue with the save dialogue. if you search for
the string 'a-bc' in a save modal it throws an SQL parse error (See
attached screenshot). This appears to be for any string with a hyphen.
The modal in my case is opened by Firefox.
Could this be a SQL injection vulnerability?
** Affects: firefox (Ubuntu)
Importance: Undecided
Status: New
** Attachment added: "Selection_009.png"
https://bugs.launchpad.net/bugs/1625058/+attachment/4743497/+files/Selection_009.png
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1625058
Title:
Searches containing a hyphen in a save dialog triggers a SQLParse
Error
Status in firefox package in Ubuntu:
New
Bug description:
I discovered a strange issue with the save dialogue. if you search for
the string 'a-bc' in a save modal it throws an SQL parse error (See
attached screenshot). This appears to be for any string with a hyphen.
The modal in my case is opened by Firefox.
Could this be a SQL injection vulnerability?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1625058/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
