Loading...

XML

Word

Printable

Type: Bug
Resolution: Won't Do
Priority: Minor
Fix Version/s: None
Affects Version/s: 2.7.1
Component/s: Calendar
Labels:
- triaged

Affected Branches:
MOODLE_27_STABLE

1/ the value is not validated when receiving event creation request from activities

2/ the calendar/event_form.php uses incorrect PARAM_INT on hidden param - the param should not be there at all because users are not allowed to change this type of calendar events

has been marked as being related by

MDL-43918 Denial of service and possible SQL injection in get_coursemodule_from_id() and get_coursemodule_from_instance()

Closed

Assignee:: Unassigned

Reporter:: Petr Skoda

Participants:: Matt Porritt, Petr Skoda

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 25/Aug/14 4:24 PM

Updated:: 02/Dec/22 8:18 AM

Resolved:: 02/Dec/22 8:18 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates

Clockify