View Issue Details

IDProjectCategoryView StatusLast Update
0000278WackoWikisecuritypublic2009-10-13 16:03
Reporteradministrator Assigned ToTann San  
PrioritynormalSeverityminorReproducibilityhave not tried
Status resolvedResolutionfixed 
Product Version4.2 
Target Version5.0.betaFixed in Version5.0.beta 
Summary0000278: replace $_REQUEST with proper $_POST or $_GET
Description$_REQUEST can be an inherent security risk in many cases, while it's normally trivial to decide between $_GET and $_POST.
TagsNo tags attached.

Activities

ebal

2009-03-05 20:27

developer   ~0000594

affected pages

actions/redirect.php
actions/login.php
actions/registration.php
actions/usersettings.php
actions/search.php
actions/changepassword.php
classes/wacko.php
handlers/page/edit.php
handlers/page/show.php
index.php
themes/tabs/appearance/footer.php

Issue History

Date Modified Username Field Change
2009-03-04 18:35 administrator New Issue
2009-03-04 18:36 administrator Status new => confirmed
2009-03-05 20:27 ebal Note Added: 0000594
2009-04-09 20:03 Tann San Status confirmed => assigned
2009-04-09 20:03 Tann San Assigned To => Tann San
2009-04-09 23:02 Tann San Status assigned => resolved
2009-04-09 23:02 Tann San Fixed in Version => 5.4.0
2009-04-09 23:02 Tann San Resolution open => fixed
2009-04-11 01:45 Tann San Fixed in Version 5.4.0 => 5.0.0
2009-10-13 15:58 administrator Target Version 5.0.0 => 5.0.beta
2009-10-13 16:03 administrator Fixed in Version 5.0.0 => 5.0.beta
2010-03-08 10:22 administrator Category Security => security