Skip to content

Commit

Permalink
🔒 SQL injection security vulnerabilities #13077 #13059
Browse files Browse the repository at this point in the history
  • Loading branch information
@88250
88250 committed Nov 7, 2024
1 parent 7fa1f89 commit 831d350
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions kernel/model/asset_content.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,9 @@ func GetAssetContent(id, query string, queryMethod int) (ret *AssetContent) {
query = stringQuery(query)
}
}
if !ast.IsNodeIDPattern(id) {
return
}

table := "asset_contents_fts_case_insensitive"
filter := " id = '" + id + "'"
Expand Down

0 comments on commit 831d350

Please sign in to comment.