Public bug reported:
I discovered a strange issue with the save dialogue. if you search for
the string 'a-bc' in a save modal it throws an SQL parse error (See
attached screenshot). This appears to be for any string with a hyphen.
The modal in my case is opened by Firefox.
Could this be a SQL injection vulnerability?
** Affects: firefox (Ubuntu)
Importance: Undecided
Status: New
** Attachment added: "Selection_009.png"
https://bugs.launchpad.net/bugs/1625058/+attachment/4743497/+files/Selection_009.png
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1625058
Title:
Searches containing a hyphen in a save dialog triggers a SQLParse
Error
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1625058/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
