FIX(security) :Sanitized queries in the list of meta service - Githubissues

centreon / centreon-archived

Centreon is a network, system and application monitoring tool. Centreon is the only AIOps Platform Providing Holistic Visibility to Complex IT Workflows from Cloud to Edge.

https://www.centreon.com

GNU General Public License v2.0

574 stars 240 forks source link

FIX(security) :Sanitized queries in the list of meta service #11978

Open emabassi-ext opened 2 years ago

emabassi-ext commented 2 years ago

Description

Queries should be sanitized (if possible) and bound using PDO statement to reduce attack surface and clean legacy code

Fixes # MON-15371

Type of change

[x] Patch fixing an issue (non-breaking change)
[ ] New functionality (non-breaking change)
[ ] Breaking change (patch or feature) that might cause side effects breaking part of the Software

Target serie

[ ] 21.04.x
[x] 21.10.x
[x] 22.04.x
[x] 22.10.x (master)

How this pull request can be tested ?

Navigate to Configuration -> Services -> Meta Services
Create a meta service
Duplicate it like 15 times
See if pagination and search is still working

Checklist

Community contributors & Centreon team

[x] I have followed the coding style guidelines provided by Centreon
[ ] I have commented my code, especially new classes, functions or any legacy code modified. (docblock)
[ ] I have commented my code, especially hard-to-understand areas of the PR.
[x] I have rebased my development branch on the base branch (master, maintenance).

sonarqube-decoration[bot] commented 2 years ago

SonarQube Quality Gate

0 Bugs
0 Vulnerabilities
0 Security Hotspots
9 Code Smells

No Coverage information
0.0% Duplication