MantisBT: master 132cd6d0

Diff Back to Repository
Author Committer Branch Timestamp Parent
dregad dregad master 2014-12-27 07:47 master 7cc4539f
Affected Issues  0017937: MantisBT Security Vulnerability Notification (HTB23243)
 0017938: CVE-2014-9571: XSS in install.php
 0019274: CVE-2014-9571: XSS in install.php
Changeset

Fix XSS in install.php

This vulnerability (CVE-2014-9571) was reported by High-Tech Bridge
Security Research Lab (https://www.htbridge.com/) in issue 0017937
(advisory ID HTB23243).

The parameters are now properly sanitized before being displayed.

Fixes 0017938
mod - admin/install.php Diff File