Details
-
Bug
-
Resolution: Unresolved
-
Minor
-
COmanage Registry 2.0.0 (Passing Fad)
-
None
Description
CoExtendedAttributesController.php::checkDeleteDependencies uses filter_var on $curdata instead of $reqdata in a couple of places. This doesn't appear to be a security issue as the model validation rules restrict the valid input to alphanumeric characters. (It's actually not clear that we need filter_var in the first place, though it's probably better to have it in case the validation rules change at some point.)