Skip to content

ESB-1154 Lucene fix attack surface#343

Merged
MEM2677 merged 1 commit into
release/7.5from
ESB-fix-lucene-query-injection
Jul 1, 2026
Merged

ESB-1154 Lucene fix attack surface#343
MEM2677 merged 1 commit into
release/7.5from
ESB-fix-lucene-query-injection

ESB-1154 fix Lucene query injection via unsanitized field names

28332d0
Select commit
Loading
Failed to load commit list.
SonarQubeCloud / SonarCloud Code Analysis succeeded Jul 1, 2026 in 3m 0s

Annotations

Check warning on line 0 in solr-plugin/src/main/java/org/entando/entando/plugins/jpsolr/aps/system/solr/SearcherDAO.java

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

Use the "java.time" API for date and time.

See more on https://sonarcloud.io/project/issues?id=entando_app-engine&issues=AZ8d7QvZUt1ihFvXn0vs&open=AZ8d7QvZUt1ihFvXn0vs&pullRequest=343

Check warning on line 73 in solr-plugin/src/main/java/org/entando/entando/plugins/jpsolr/aps/system/solr/SearcherDAO.java

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

Use concise character class syntax '\\w' instead of '[a-zA-Z0-9_]'.

See more on https://sonarcloud.io/project/issues?id=entando_app-engine&issues=AZ8d7QvZUt1ihFvXn0vt&open=AZ8d7QvZUt1ihFvXn0vt&pullRequest=343