View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0012238 | mantisbt | security | public | 2010-08-05 04:00 | 2011-08-02 12:35 |
Reporter | dhx | Assigned To | dhx | ||
Priority | immediate | Severity | major | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | 1.2.2 | ||||
Target Version | 1.2.3 | Fixed in Version | 1.2.3 | ||
Summary | 0012238: XSS in print_all_bug_page_word.php when printing project and category names | ||||
Description | print_all_bug_page_word.php does not correctly sanitise project and category names. It is thus possible for a malicious user with project manager access permissions (or higher) to redirect users to print_all_bug_page_word.php to execute malicious JavaScript. | ||||
Tags | No tags attached. | ||||
MantisBT: master bfc9e9ff 2010-08-05 04:00 Details Diff |
Fix 0012238: XSS in print_all_bug_page_word.php project/category names print_all_bug_page_word.php does not correctly sanitise project and category names. It is thus possible for a malicious user with project manager access permissions (or higher) to redirect users to print_all_bug_page_word.php to execute malicious JavaScript. |
Affected Issues 0012238 |
|
mod - print_all_bug_page_word.php | Diff File | ||
MantisBT: master-1.2.x 9fc1dd81 2010-08-05 04:00 Details Diff |
Fix 0012238: XSS in print_all_bug_page_word.php project/category names print_all_bug_page_word.php does not correctly sanitise project and category names. It is thus possible for a malicious user with project manager access permissions (or higher) to redirect users to print_all_bug_page_word.php to execute malicious JavaScript. |
Affected Issues 0012238 |
|
mod - print_all_bug_page_word.php | Diff File |