summaryrefslogtreecommitdiffstats
path: root/web/lang/uk.po
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2011-03-01 12:31:35 -0600
committerLukas Fleischer <archlinux@cryptocrack.de>2011-03-01 20:27:49 +0100
commit90485e8f422cec6d23af38574a53705fa7de008b (patch)
tree9df70fc784fd2ff604a58bbbace7ca9dfd7ea938 /web/lang/uk.po
parenta10ce40cbe410836a6bffc6026be3c9544636f3e (diff)
downloadaurweb-90485e8f422cec6d23af38574a53705fa7de008b.tar.xz
Fix potential injection vulnerability
We trusted the values we pulled out of the IDs array and never coerced them to integers, passing them to the backend unescaped and uncasted. Ensure they are treated as integers only and validate the resulting value is > 0. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/lang/uk.po')
0 files changed, 0 insertions, 0 deletions