Public bug reported:
I discovered a strange issue with the save dialogue. if you search for
the string 'a-bc' in a save modal it throws an SQL parse error (See
attached screenshot). This appears to be for any string with a hyphen.
The modal in my case is opened by Firefox.
Could this be a SQL injection vulnerability?
** Affects: firefox (Ubuntu)
** Attachment added: "Selection_009.png"
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Searches containing a hyphen in a save dialog triggers a SQLParse
To manage notifications about this bug go to:
ubuntu-bugs mailing list