Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-19188

prevent eZ Publish from generating huge sql queries on directory traversal attack attempt

    XMLWordPrintable

Details

    • Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Medium Medium
    • Customer request
    • 4.4.1
    • Misc
    • None

    • ez publish 4.4

    Description

      Like in the summary - eZ Publish generates huge SQL query when very long URL with repeating "../" is requested.

      This system limitation can be lessen by putting a limit on amount of paths.

      Attachments

        Activity

          People

            jv@ez.no jv@ez.no
            2b274289-6c7c-4b95-a70d-ca6c4a846602@accounts.ibexa.co j h
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: