SQL injection from Ingame user name

Question

SQL injection from Ingame user name

faaanbingbing opened this issue 5 years ago · 2 comments

User name example:

'; select * from users;--

etc...

Answer 1 · 2019-12-22T17:30:21.000Z

Hmn, I was sure that there is some DCS functionality to prevent this from happening.
Thanks for information, will include some protection in the next release.

Answer 2 · 2019-12-23T12:44:45.000Z

@faaanbingbing this was fixed in c36befd

I will release 0.9.3 with the fix.

Thank you again!