by dmilicevic
3342 days ago
Great stuff again Matthew :), your blogs are always easy to read and helpful!
Personally I think that string concatenation in query building throughout the Sugar code base (campaigns, workflows) is very problematic and could also be exposed in a couple of scenarios. But like I said, this seems to be the work in progress currently at Sugar. Hopefully Sugar will come forward with a response to these allegations because these are serious security risks.