MantisBT: master-1.3.x c4f50e5d
Author | Committer | Branch | Timestamp | Parent |
---|---|---|---|---|
dregad | dregad | master-1.3.x | 2017-05-19 07:48 | master-1.3.x b933abcb |
Affected Issues | 0022702: CVE-2017-7620: CSRF - Arbitrary Permalink Injection | |||
0022816: CVE-2017-7620: Open redirection vulnerability in /login_page.php | ||||
Changeset | Fix CSRF vulnerability in permalink_page.php John Page aka hyp3rlinx / ApparitionSec http://hyp3rlinx.altervista.org Backporting from master branch:
|
|||
mod - core/filter_api.php | Diff File | |||
mod - core/string_api.php | Diff File | |||
mod - permalink_page.php | Diff File | |||
mod - tests/Mantis/StringTest.php | Diff File |