[buddypress-trac] [BuddyPress Trac] #5796: Invalid or empty page_arg results in no-limit queries

buddypress-trac noreply at wordpress.org
Tue Aug 5 05:51:11 UTC 2014


#5796: Invalid or empty page_arg results in no-limit queries
-----------------------------+-------------------------------------
 Reporter:  johnjamesjacoby  |      Owner:
     Type:  defect (bug)     |     Status:  new
 Priority:  high             |  Milestone:  2.1
Component:  All Components   |    Version:
 Severity:  major            |   Keywords:  needs-patch 2nd-opinion
-----------------------------+-------------------------------------
 Passing an invalid page argument in a URL that's listening for `$_REQUEST[
 $page_arg ]` will empower users to query for unpaginated results. To
 reproduce:

 * domain.com/activity/?acpage=%27
 * domain.com/activity/?acpage=0
 * domain.com/members/?upage=%27
 * domain.com/members/?upage=0

--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/5796>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac


More information about the buddypress-trac mailing list