Potential attack vector using attachments

XMLWordPrintable

      Suspicious handling of attachment uploads with filenames containing quotes (the quoted ended up being repeated) and semicolons (semicolon and all subsequent characters were stripped from filename)

              Assignee:
              Matthew Erickson
              Reporter:
              Mark Hrynczak (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved:

                  Estimated:
                  Original Estimate - 8h
                  8h
                  Remaining:
                  Remaining Estimate - 8h
                  8h
                  Logged:
                  Time Spent - Not Specified
                  Not Specified