Insufficient validation of form input
(1) By anonymous on 2021-09-13 12:56:01 [source]
POST request with content type
multipart/form-data the names of the parameters are not properly sanitized. See lines 600 and 606. This makes it possible to set parameters such as
(2) By D. Richard Hipp (drh) on 2021-11-26 12:28:09 in reply to 1 [link] [source]
Thanks for catching and reporting this. Should now be fixed on trunk.