Uploaded image for project: 'RAML Module Builder'
  1. RAML Module Builder
  2. RMB-537

f_unaccent single quote fullText tsquery sql injection

    XMLWordPrintable

Details

    • CP: sprint 78, CP: sprint 79
    • 2
    • Core: Platform

    Description

      f_unaccent converts these other single quotes into the regular single quote:
      <code>
      '
      ʼn
      '



      <code>
      This causes sql injection errors in the full text tsquery, see BF-163 for an example.

      TestRail: Results

        Attachments

          Issue Links

            blocks

            Bug - A problem which impairs or prevents the functions of the product. UIOR-483 Orders: Can't filter on 'reason for closure'

            • P2 - normal priority level, must be included in the current development cycle
            • Closed
            relates to

            Umbrella - FOLIO-2402 platform-related features and fixes for mod-inv-stor 18.2.1

            • P2 - normal priority level, must be included in the current development cycle
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. RMB-432 fulltext: word splitting and punctuation removal

            • P2 - normal priority level, must be included in the current development cycle
            • Closed

            Activity

              People

                julianladisch Julian Ladisch
                julianladisch Julian Ladisch
                Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  TestRail: Runs

                    TestRail: Cases