Opened 12 years ago

Closed 10 years ago

#3663 closed defect (fixed)


Reported by: dsd Owned by: godiard
Priority: Unspecified by Maintainer Milestone: Unspecified
Component: Wikipedia Version: Unspecified
Severity: Minor Keywords:
Cc: Distribution/OS: Unspecified
Bug Status: Unconfirmed


wikiserver commit 6ea1a1c78131 adds some custom string handling. This probably works in the " case but isn't great.

You should properly escape the string passed to the query. See the "# Never do this -- insecure!" example at

Change History (1)

comment:1 Changed 10 years ago by godiard

  • Resolution set to fixed
  • Status changed from new to closed

Fixed on Wikipedia 37.

Note: See TracTickets for help on using tickets.