Skip to content
Psalm Security Scan

CVE-2025-8264 - Imap - update user_identity getIdentityFromSql, to use parameters to prevent SQL Injection #128

Sign in to view logs

CVE-2025-8264 - Imap - update user_identity getIdentityFromSql, to use parameters to prevent SQL Injection

CVE-2025-8264 - Imap - update user_identity getIdentityFromSql, to use parameters to prevent SQL Injection #128

Triggered via pull request July 28, 2025 09:45
@matidaumatidau
opened #161
matidau:cve20258264
Status Success
Total duration 42s
Artifacts

main.yml

on: pull_request
Psalm
40s
Psalm
Fit to window
Zoom out
Zoom in

Annotations

11 errors
Psalm
CodeQL Action major versions v1 and v2 have been deprecated. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/
Psalm: src/include/z_carddav.php#L807
Detected tainted network request
Psalm: src/include/z_carddav.php#L787
Detected tainted network request
Psalm: src/include/z_carddav.php#L787
Detected tainted network request
Psalm: src/include/z_caldav.php#L256
Detected tainted network request
Psalm: src/include/z_caldav.php#L256
Detected tainted network request
Psalm: src/include/z_caldav.php#L256
Detected tainted network request
Psalm: src/include/z_caldav.php#L256
Detected tainted network request
Psalm: src/include/z_caldav.php#L236
Detected tainted network request
Psalm: src/include/z_caldav.php#L236
Detected tainted network request
Psalm: src/autodiscover/autodiscover.php#L92
Detected tainted cookie