PaulB
Guest
Member
Replacements it performs:
Code:
Will become:
Code:
Which MySQL/MariaDB will interpret as a literal backslash followed by a LIKE wildcard.
While this could theoretically result in security vulnerabilities in some add-ons, I can't find any instances in which this would result in a security issue in vanilla XenForo; it just breaks certain searches.
Continue...
Read more
Continue reading...
- % -> \%
- _ -> \_
- \ -> \\
Code:
\%Will become:
Code:
\\%Which MySQL/MariaDB will interpret as a literal backslash followed by a LIKE wildcard.
While this could theoretically result in security vulnerabilities in some add-ons, I can't find any instances in which this would result in a security issue in vanilla XenForo; it just breaks certain searches.
Continue...
Read more
Continue reading...
