Robin Ward fe8bd92f71 SECURITY: SQL injection with default categories
This is a low severity security fix because it requires a logged in
admin user to update a site setting via the API directly to an invalid
value.

The fix adds validation for the affected site settings, as well as a
secondary fix to prevent injection in the event of bad data somehow
already exists.
2019-07-11 13:53:12 -04:00
..
2019-01-11 14:30:19 -05:00
2019-05-13 15:24:24 +01:00
2019-05-29 14:26:24 +10:00
2019-05-13 15:24:24 +01:00
2019-05-25 00:32:29 +02:00
2019-05-24 12:58:26 +08:00
2019-05-29 14:26:24 +10:00
2019-04-08 17:03:26 +05:30