#4114 (ok 4.1.0-rc2) No params checking in error_report.php

Latest_Git
fixed
nobody
None
1
2013-12-12
2013-10-03
Michal Čihař
No

The error_report.php blindly tries to use expected parameters without checking that they are present leading to many PHP errors.

Discussion

  • Michal Čihař
    Michal Čihař
    2013-10-17

    Increasing priority as this can lead to information disclosure and thus is a security issue.

     
  • Michal Čihař
    Michal Čihař
    2013-10-17

    • Priority: 5 --> 9
     
  • Marc Delisle
    Marc Delisle
    2013-11-17

    Michal,
    you mean when just calling error_report.php in a URL without parameters?

     
  • Marc Delisle
    Marc Delisle
    2013-11-18

    Please confirm.

     
  • Michal Čihař
    Michal Čihař
    2013-11-25

    • summary: No params checking in error_report.php --> (ok 4.1.0-rc2) No params checking in error_report.php
    • status: open --> resolved
    • Priority: 9 --> 1
     
  • Michal Čihař
    Michal Čihař
    2013-11-25

    Another fix in 70282478ec43bbf86f55bcba2365b67bc18f17f4, hopefully it is everything now.

     
  • Marc Delisle
    Marc Delisle
    2013-12-12

    • Status: resolved --> fixed