Bruno17
commented
5 years ago not allways primary keys are integers and getObject allready sanitizes the criteria https://github.com/modxcms/revolution/blob/2.x/core/xpdo/xpdo.class.php#L842
feel free to reopen, if you still feel, this is necessary
https://modx.pro/security/16336