[BUGIX] Fix SQL Injection possibility in Extensionmanager
authorHelmut Hummel <helmut.hummel@typo3.org>
Sat, 18 Aug 2012 19:22:24 +0000 (21:22 +0200)
committerHelmut Hummel <helmut.hummel@typo3.org>
Sat, 18 Aug 2012 22:44:29 +0000 (00:44 +0200)
commit6319d053f384ff6dd2518352679eb8a9d8ed9250
treef57b3c091905f3f43a7e989c7e0e4568bd70910a
parentc2d437e015fec88ce97a6b5ef8c05010c3d826ed
[BUGIX] Fix SQL Injection possibility in Extensionmanager

Quote the search string in findByTitleOrAuthorNameOrExtensionKey method.

Change-Id: Ifd2694a91d580e303fa366077f1f316864f974e3
Fixes: #39942
Releases: 6.0
Reviewed-on: http://review.typo3.org/13904
Reviewed-by: Susanne Moog
Tested-by: Susanne Moog
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
typo3/sysext/extensionmanager/Classes/Domain/Repository/ExtensionRepository.php