Kanban auto logout - log: Try to hack detected

Hello,
I am a new user and if the problem description is not sufficient, please let me know.

Problem:
The user (Project_LEader profile) wanted to create a Kanban view while saving the completed form, he was auto logged out.

From then on, every time he logs in and selects Kanban from the menu, he always logs him out of Projeqtor.

Other users do not have this problem.

Below is an excerpt from the logs:


2022-04-20 12: 02: 00.704 ===== TRACE ===== NEW CONNECTED USER 'mzurek'
2022-04-20 12: 02: 15.282 ***** ERROR ***** [V9.4.2] HACK ======================= =========================================
2022-04-20 12: 02: 15.282 ***** ERROR ***** [V9.4.2] Try to hack detected
2022-04-20 12: 02: 15.283 ***** ERROR ***** [V9.4.2] Source Code = SqlElement -> _ construct: id '<div class = "messageERROR"> ERROR: Parameter type not found in REQUEST </div> <input type = "hidden" id = "lastSaveId" value = "" /> <input type = "hidden" id = "lastOperation" value = "ERROR" /> <input type = "hidden" id = "lastOperationStatus" value = "ERROR" /> 'is not numeric for class Kanban
2022-04-20 12: 02: 15.283 ***** ERROR ***** [V9.4.2] QUERY_STRING = destinationWidth = 1668 & destinationHeight = 902 & isIE = & xhrPostDestination = centerDiv & xhrPostIsResultMessage = false & xhrPostValidationType = & xhrPostamp = 16504489rfoken = 16504489rfoken = 16504489rfoken = 16504489rfoken
2022-04-20 12: 02: 15.283 ***** ERROR ***** [V9.4.2] REMOTE_ADDR = 192.168.123.247
2022-04-20 12: 02: 15.283 ***** ERROR ***** [V9.4.2] SCRIPT_FILENAME = /var/www/html/projector/view/kanbanViewMain.php
2022-04-20 12: 02: 15.283 ***** ERROR ***** [V9.4.2] CONNECTED USER = # 24 - mzurek
2022-04-20 12: 02: 15.283

---

DEBUG

---

=> /var/www/html/projector/tool/projeqtor.php at line 1652 calling debugPrintTraceStack ()
2022-04-20 12: 02: 15.283

---

DEBUG

---

=> /var/www/html/projector/model/persistence/SqlElement.php at line 749 calling traceHack ()
2022-04-20 12: 02: 15.283

---

DEBUG

---

=> /var/www/html/projector/model/Kanban.php at line 45 calling SqlElement: __ construct ()
2022-04-20 12: 02: 15.283

---

DEBUG

---

=> /var/www/html/projector/view/kanbanView.php at line 50 calling Kanban: __ construct ()
2022-04-20 12: 02: 15.283

---

DEBUG

---

=> /var/www/html/projector/view/kanbanViewMain.php at line 24 calling include ()
2022-04-20 12: 02: 15.283 ***** ERROR ***** [V9.4.2] REQUEST_URI = /projector/view/kanbanViewMain.php?destinationWidth=1668&destinationHeight=902&isIE=&xhrPostDestination=centerDiv&xhrPostIsResultMessage=Postalxalidation&Timage=Postalxsehration = = 1650448935146 & csrfToken =
2022-04-20 12: 02: 30.348

---

DEBUG

---

loginCheck: current db version = 'V9.4.2'
2022-04-20 12: 02: 30.350

---

DEBUG

---

User-> authenticate ('mzurek', 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx')
2022-04-20 12: 02: 30.351

---

DEBUG

---

User-> authenticate: sha256 encryption
2022-04-20 12: 02: 30.351

---

DEBUG

---

User-> authenticate: Successfull login
2022-04-20 12: 02: 30.452 ===== TRACE ===== NEW CONNECTED USER 'mzurek'
2022-04-20 12: 02: 44.238 ===== TRACE ===== DISCONNECTED USER 'mzurek'
2022-04-20 12: 04: 04.386

---

DEBUG

---

loginCheck: current db version = 'V9.4.2'
2022-04-20 12: 04: 04.387

---

DEBUG

---

User-> authenticate ('mzurek', 'xxxxxxxxxxxxxxxxxxxxxx')
2022-04-20 12: 04: 04.388

---

DEBUG

---

User-> authenticate: sha256 encryption
2022-04-20 12: 04: 04.388

---

DEBUG

---

User-> authenticate: Successfull login

Hello,
I found the reason of this situation - but I don`t resolved the problem.
Problem was because the user use the special character in field "name" when he try to create new kanban table.
I repeated steps on page track.projeqtor.org/ (ver. 9.5.2.) on guest account i the symptoms are simular,... and I wondering if update will help.