Behavior: Links in reBlog cannot be ‘archived’ or ‘published’
Problem: reBlog wasn’t properly sanitizing the ‘link’ field before writing it to the MySQL table, so unescaped single quotes (’) from RSS feeds were injected into the database query. The query would then fail, so the link was never processed.
File: Controller.class.php in /refeed/library/RF
Version: $Revision: 1.40 (reBlog version 2.0b2)
Status: Bug reported with code […]
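
The failure described under Problem, next to the usual fix, as an added example that is not reBlog's code. The table, column and function names are hypothetical, and in-memory SQLite (via PDO) stands in for MySQL so the script runs offline.

```php
<?php
// Added example, not reBlog code: table, columns and function names are hypothetical.
// In-memory SQLite stands in for MySQL so the script runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE items (link TEXT PRIMARY KEY, status TEXT NOT NULL DEFAULT 'new')");

// Constructed feed links; the second contains a single quote.
$links = ['http://example.com/post/1', "http://example.com/o'reilly-interview"];
$seed = $db->prepare('INSERT INTO items (link) VALUES (?)');
foreach ($links as $link) {
    $seed->execute([$link]);
}

// Before: the feed value is concatenated into the statement text.
function archiveUnsafe(PDO $db, string $link): bool
{
    try {
        $db->exec("UPDATE items SET status = 'archived' WHERE link = '$link'");
        return true;
    } catch (PDOException $e) {
        // The quote in the link closes the string literal early, so the
        // statement is malformed and the row is never updated.
        return false;
    }
}

// After: the value is bound as a parameter and is never parsed as SQL.
function archiveBound(PDO $db, string $link): bool
{
    $stmt = $db->prepare("UPDATE items SET status = 'archived' WHERE link = ?");
    return $stmt->execute([$link]);
}

function statusOf(PDO $db, string $link): string
{
    $stmt = $db->prepare('SELECT status FROM items WHERE link = ?');
    $stmt->execute([$link]);
    return (string) $stmt->fetchColumn();
}

foreach (['archiveUnsafe', 'archiveBound'] as $archive) {
    foreach ($links as $link) {
        $result = $archive($db, $link) ? 'ok' : 'query failed';
        printf("%-14s %-40s %-13s status=%s\n", $archive, $link, $result, statusOf($db, $link));
    }
}
```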