On Mon, Oct 16, 2017 at 3:58 PM, John Ferlan wrote:
>
>
> On 10/06/2017 02:47 AM, Ladi Prosek wrote:
>> The code was vulnerable to SQL injection. Likely not a security issue due to
>> WMI SQL and other constraints but still lame. For example:
>>
>> virsh # dominfo \"
>>
On 10/06/2017 02:47 AM, Ladi Prosek wrote:
> The code was vulnerable to SQL injection. Likely not a security issue due to
> WMI SQL and other constraints but still lame. For example:
>
> virsh # dominfo \"
> error: failed to get domain '"'
> error: internal error: SOAP fault during
The code was vulnerable to SQL injection. Likely not a security issue due to
WMI SQL and other constraints but still lame. For example:
virsh # dominfo \"
error: failed to get domain '"'
error: internal error: SOAP fault during enumeration: code 's:Sender', subcode