Additional check in where checker

application/Espo/Core/Select/Where/Checker.php

@@ -119,6 +119,10 @@ class Checker
         $forbidComplexExpressions = $params->forbidComplexExpressions();
         $checkWherePermission = $params->applyPermissionCheck();
 
+        if ($attribute && str_contains($attribute, '#')) {
+            throw new Forbidden("Not allowed character in attribute.");
+        }
+
         if ($forbidComplexExpressions) {
             if (in_array($type, $this->subQueryTypeList)) {
                 throw new Forbidden("Sub-queries are forbidden in where.");

application/Espo/Tools/Stream/RecordService.php

@@ -463,6 +463,7 @@ class RecordService
             ->create()
             ->from(Attachment::ENTITY_TYPE)
             ->withSearchParams($searchParams)
+            ->withComplexExpressionsForbidden()
             ->buildQueryBuilder()
             ->where(
                 Condition::in(