MantisBT: master-1.2.x d16988c3
Author | Committer | Branch | Timestamp | Parent |
---|---|---|---|---|
dregad | dregad | master-1.2.x | 2013-03-18 18:36 | master-1.2.x d4e7b224 |
Affected Issues | 0015573: CVE-2013-1883: One query can be issued via current Mantis interface to take down site | |||
Changeset | Fix filter api issue with 'any condition' and text search A filter combining some criteria and a text search with 'any condition' The root cause of this behavior is joining the bug_text table with a This commit resolves the problem by using a JOIN clause instead, which Fixes 0015573 |
|||
mod - core/filter_api.php | Diff File |