Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-11300

multiple problems in tag/manage.php

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 1.9
    • Fix Version/s: 1.9
    • Component/s: Tags
    • Labels:
      None
    • Affected Branches:
      MOODLE_19_STABLE
    • Fixed Branches:
      MOODLE_19_STABLE

      Description

      1/ potential sql injection through tag types - missing param type + can add new types
      2/ paging does not work at all
      3/ missing type definitions
      4/ not xhtml strict compliant
      5/ CSRF - missing sesskey checks
      6/ UI code in tag/lib.php - should be in manage.php or other file
      7/ missing localization of types - default/standard

        Attachments

          Activity

            People

            Assignee:
            skodak Petr Skoda
            Reporter:
            skodak Petr Skoda
            Tester:
            Nobody
            Participants:
            Component watchers:
            Amaia Anabitarte, Carlos Escobedo, Ferran Recio, Ilya Tregubov, Sara Arjona (@sarjona)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Fix Release Date:
              3/Mar/08