[jira] [Assigned] (FINERACT-2624) Sanitize runreports endpoint input parameters and use prepared statements for report execution

Terence Monteiro (Jira) Mon, 01 Jun 2026 06:58:10 -0700


     [ 
https://issues.apache.org/jira/browse/FINERACT-2624?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Terence Monteiro reassigned FINERACT-2624:
------------------------------------------

    Assignee: Terence Monteiro

> Sanitize runreports endpoint input parameters and use prepared statements for 
> report execution
> ----------------------------------------------------------------------------------------------
>
>                 Key: FINERACT-2624
>                 URL: https://issues.apache.org/jira/browse/FINERACT-2624
>             Project: Apache Fineract
>          Issue Type: Bug
>          Components: Reports
>    Affects Versions: 1.14.0
>            Reporter: Terence Monteiro
>            Assignee: Terence Monteiro
>            Priority: Major
>              Labels: pull-request-available
>
> The runreports (stretchy reporting) endpoint does not currently validate or 
> sanitise input parameters before use in report execution. This fix adds:
>  # Input parameter sanitisation based on type definitions in 
> {{stretchy_parameter, stretchy_report_parameter}}
>  # Prepared statement execution for stretchy reports
> Integration tests are included covering numeric parameter validation 
> (positive and negative), unregistered parameter rejection, and boundary 
> inputs including UNION ALL patterns.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Assigned] (FINERACT-2624) Sanitize runreports endpoint input parameters and use prepared statements for report execution

Reply via email to