Bug #51093
closed
Task #49162: Rewrite install tool
Create database "databaseName" not escaped ...
100%
Description
This might fail with "-" sign in database name and is also a possible sqli?
6.2 only, TYPO3\CMS\Install\Controller\Action\Step\DatabaseSelect
Updated by Nicole Cordes over 10 years ago
- Is Regression set to No
This can't be handly by dbal so we should not support it in the install tool.
Updated by Mathias Schreiber over 9 years ago
- Target version changed from next-patchlevel to 7.4 (Backend)
Updated by Susanne Moog almost 9 years ago
- Category changed from Install Tool to 1601
Updated by Susanne Moog over 8 years ago
- Target version changed from 7.4 (Backend) to 7.5
Updated by Gerrit Code Review over 8 years ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/43016
Updated by Gerrit Code Review over 8 years ago
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/43016
Updated by Gerrit Code Review over 8 years ago
Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/43016
Updated by Morton Jonuschat over 8 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 4679e1e2d6fbd29fcaa7d40441b58686b5ec3b13.
Updated by Riccardo De Contardi over 6 years ago
- Status changed from Resolved to Closed