The GitHub Actions job "CodeQL" on ofbiz-framework.git has failed.
Run started by GitHub user asfgit (triggered by asfgit).

Head commit for run:
bb743ddff1fddbbea94c1415159f0d4d5013d592 / Jacques Le Roux <jacques.le.r...@les7arts.com>
Fixed: [SECURITY] (CVE-2024-36104) Path traversal leading to RCE (OFBIZ-13092)

Adds a StringUtil::splitWithStringSeparator. I crossed an issue using
StringUtil::split: it's said that <<delim the delimiter character(s)>> with a (s),
but it does not work as expected with several character(s).

In ControlFilter::doFilter uses splitWithStringSeparator instead of split.
Uses decoded requestUri everywhere, and to split query string, though it worked,
"&amp;" rather than "Y&amp;".
Also put all the private methods used by doFilter just above it to clarify use.

Conflict handled by hand in StringUtil.java

Report URL: https://github.com/apache/ofbiz-framework/actions/runs/12826920674

With regards,
GitHub Actions via GitBox
