intellitech
Gold Member
  Monday, 27 September 2021
We did a website (scl.org.sg) scan and the result showed 1 high-risk vulnerability in the SQL Injection scan.

Scan report attached. Please do the needful ASAP.
3 years ago
·
#223253
Hello,

This is more of a false positive. They are changing the filter value from ASC / DESC to a word that doesn't exist in the ORDER BY clause, hence the failover. If they tried to execute SQL, any SQL injection would be filtered within it.

I'll make a change to ensure this filter only accepts ASC/DESC, however, in future versions.

Many thanks
Tony
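
The change described in the reply above, restricting the sort direction to ASC/DESC, shown as an added example that is not JEvents or Joomla code: an ORDER BY keyword cannot be passed as a bound parameter, so it is compared against a fixed list and replaced by a default when it does not match. The function names, the `events` table and the sample request values are assumptions constructed for the illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper names; not JEvents or Joomla code.
const SORT_DIRECTIONS = ['ASC', 'DESC'];
// Map of request-facing sort keys to real column names (constructed schema).
const SORT_COLUMNS = ['title' => 'title', 'start' => 'starts_at'];

/** Return 'ASC' or 'DESC'; anything else falls back to the default. */
function sortDirection(?string $raw, string $default = 'ASC'): string
{
    $dir = strtoupper(trim((string) $raw));
    return in_array($dir, SORT_DIRECTIONS, true) ? $dir : $default;
}

/** Build the ORDER BY clause from allowlisted pieces only. */
function orderByClause(?string $rawKey, ?string $rawDir): string
{
    $column = SORT_COLUMNS[$rawKey ?? ''] ?? 'starts_at';
    return 'ORDER BY ' . $column . ' ' . sortDirection($rawDir);
}

// Constructed request values, including a non-keyword like the one a scanner substitutes.
$samples = [
    ['start', 'desc'],
    ['title', ' Asc '],
    ['start', 'NOTADIRECTION'],
    ['no_such_column', 'DESC extra tokens'],
    [null, null],
];

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE events (title TEXT, starts_at TEXT)');
$db->exec("INSERT INTO events VALUES ('Workshop', '2021-10-02'), ('AGM', '2021-09-30')");

foreach ($samples as [$key, $dir]) {
    $clause = orderByClause($key, $dir);
    // Data values still go through bound parameters; only the clause is concatenated.
    $stmt = $db->prepare("SELECT title FROM events WHERE starts_at >= :from $clause");
    $stmt->execute([':from' => '2021-01-01']);
    printf("%-40s => %s\n", $clause, implode(', ', $stmt->fetchAll(PDO::FETCH_COLUMN)));
}
```

With the allowlist in place, an unrecognised direction yields the default ordering instead of a query error, so a scanner substituting the value sees no difference in behaviour to flag.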
