projects / civicrm-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0c46ca3) | patch
security/core#59 - Fix SQL injection in civicrm/ajax/dedupefind
authorPatrick Figel <pfigel@greenpeace.org>
Fri, 5 Jul 2019 18:49:44 +0000 (20:49 +0200)
committerSeamus Lee <seamuslee001@gmail.com>
Wed, 20 Nov 2019 21:24:22 +0000 (08:24 +1100)
commit2c032aca5c6bd445e12924d91a5d47c7e9e59bd6
treecf42660f6654f2612681a08236e9c93acde2e02btree | snapshot (zip tar.gz)
parent0c46ca332deaccf79ef139feaa787ae3d83ceb90commit | diff
security/core#59 - Fix SQL injection in civicrm/ajax/dedupefind

This fixes an SQL injection in civicrm/ajax/dedupefind by validating
the order direction parameter.

Fixes #59
CRM/Contact/Page/AJAX.php diff | blob | blame | history