MantisBT: master-2.4 2d2309a3
Author | Committer | Branch | Timestamp | Parent |
---|---|---|---|---|
dregad | dregad | master-2.4 | 2017-05-19 07:48 | master-2.4 a64a0d22 |
Affected Issues | 0022702: CVE-2017-7620: CSRF - Arbitrary Permalink Injection | |||
0022816: CVE-2017-7620: Open redirection vulnerability in /login_page.php | ||||
Changeset | Fix CSRF vulnerability in permalink_page.php John Page aka hyp3rlinx / ApparitionSec http://hyp3rlinx.altervista.org Backporting from master branch:
|
|||
mod - core/filter_api.php | Diff File | |||
mod - core/string_api.php | Diff File | |||
mod - permalink_page.php | Diff File | |||
mod - tests/Mantis/StringTest.php | Diff File |