|Topic:||print_object in datalib.php should have some validation to make sure it's not exploited|
|Versions affected:||2.1 to 2.1.2+, 2.0 to 2.0.5+ (1.9.x not affected)|
|Reported by:||Rajesh Taneja|
|Workaround:||Avoid leaving debugging code behind|
Developers debugging a system may output object states, and the filtering of this output has now been strengthened.