dradis / dradis-ce

Dradis Framework: Collaboration and reporting for IT Security teams
https://dradis.com/ce/
GNU General Public License v2.0

ArgumentError in Search#index when searching specific terms in Dradis-CE 3.6 #119

Closed djsekops closed 7 years ago

djsekops commented 7 years ago

Steps to reproduce

Most search requests return as expected, except the following, which all produce the error below.

Search terms that break:

find
search
xml
python
exec

Expected behavior

Search results should be displayed

Actual behavior

ArgumentError in Search#index

Showing /opt/dradis-ce/app/views/kaminari/_paginator.html.erb where line #7 raised:

Attempting to generate a URL from non-sanitized request parameters! An attacker can inject malicious data into the generated URL, such as changing the host. Whitelist and sanitize passed parameters to be secure.

Extracted source (around line #7):

5    <%= prev_page_tag unless current_page.first? %>
6    <% each_page do |page| -%>
7      <% if page.left_outer? || page.right_outer? || page.inside_window? -%>
8        <%= page_tag page %>
9      <% elsif !page.was_truncated? -%>
10       <%= gap_tag %>

Trace of template inclusion: app/views/search/_results.html.erb, app/views/search/index.html.erb

Rails.root: /opt/dradis-ce

Application Trace:

app/views/kaminari/_paginator.html.erb:7:in `block (2 levels) in _app_views_kaminari__paginator_html_erb__864226663__663325808'
app/views/kaminari/_paginator.html.erb:5:in `block in _app_views_kaminari__paginator_html_erb__864226663__663325808'
app/views/kaminari/_paginator.html.erb:1:in `_app_views_kaminari__paginator_html_erb__864226663__663325808'
app/views/search/_results.html.erb:15:in `_app_views_search__results_html_erb__812644066__668098148'
app/views/search/index.html.erb:23:in `_app_views_search_index_html_erb__623506895__669320428'

Request

Parameters:

{"utf8"=>"✓", "q"=>"find"}

System configuration

Dradis version: 3.6

Ruby version: ruby 2.2.2

OS version: Linux kali 4.6.0-kali1-686 #1 SMP Debian 4.6.4-1kali1 (2016-07-21) i686 GNU/Linux

dormi commented 7 years ago

@aapomm this may be closed now?