projects / civicrm-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6b6c3de) | patch
security/core#59 - Fix SQL injection in civicrm/ajax/dedupefind
authorPatrick Figel <pfigel@greenpeace.org>
Fri, 5 Jul 2019 18:49:44 +0000 (20:49 +0200)
committerSeamus Lee <seamuslee001@gmail.com>
Sat, 9 Nov 2019 02:58:58 +0000 (13:58 +1100)
commit7f9b74ca1a7018421357c67a097a9a8962ece21f
tree5ac735a61e5543d568209f6cf0a9067f276c5b3atree | snapshot (zip tar.gz)
parent6b6c3de61e250c3c448ec8596e746c58f8fcc1e7commit | diff
security/core#59 - Fix SQL injection in civicrm/ajax/dedupefind

This fixes an SQL injection in civicrm/ajax/dedupefind by validating
the order direction parameter.

Fixes #59
CRM/Contact/Page/AJAX.php diff | blob | blame | history