#717: Generating the current route with additional or changed arguments allows
code injections
----------------------+-----------------------------------------------------
Reporter: david | Owner: david
Type: defect | Status: closed
Priority: highest | Milestone: 0.11.1
Component: routing | Version: 0.11.1RC1
Severity: critical | Resolution: fixed
Keywords: | Has_patch: 0
----------------------+-----------------------------------------------------
Comment(by christeeeni):
<a href="http://www.how-to-disappear.net/home_insurance_quotes.html";>home
owner's insurance</a> %) <a href="http://www.bloginwi.com/life-
insurance.html">term life insurance quote</a> :-((( <a
href="http://www.tlnadurham.org/home-insurance-rates.html";>home insurance
rates</a> %-D <a
href="http://www.thehighlandviewmotorsports.com/cheap.auto.insurance.html";>cheap
auto insurance</a> 8-]
--
Ticket URL: <http://trac.agavi.org/ticket/717#comment:6>
Agavi <http://www.agavi.org/>
An MVC Framework for PHP5
_______________________________________________
Agavi Tickets Mailing List
[email protected]
http://lists.agavi.org/mailman/listinfo/tickets
