View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0012238 | mantisbt | security | public | 2010-08-05 04:00 | 2011-08-02 12:35 |
| Reporter | dhx | Assigned To | dhx | ||
| Priority | immediate | Severity | major | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Product Version | 1.2.2 | ||||
| Target Version | 1.2.3 | Fixed in Version | 1.2.3 | ||
| Summary | 0012238: XSS in print_all_bug_page_word.php when printing project and category names | ||||
| Description | print_all_bug_page_word.php does not correctly sanitise project and category names. It is thus possible for a malicious user with project manager access permissions (or higher) to redirect users to print_all_bug_page_word.php to execute malicious JavaScript. | ||||
| Tags | No tags attached. | ||||
|
MantisBT: master bfc9e9ff 2010-08-05 04:00 Details Diff |
Fix 0012238: XSS in print_all_bug_page_word.php project/category names print_all_bug_page_word.php does not correctly sanitise project and category names. It is thus possible for a malicious user with project manager access permissions (or higher) to redirect users to print_all_bug_page_word.php to execute malicious JavaScript. |
Affected Issues 0012238 |
|
| mod - print_all_bug_page_word.php | Diff File | ||
|
MantisBT: master-1.2.x 9fc1dd81 2010-08-05 04:00 Details Diff |
Fix 0012238: XSS in print_all_bug_page_word.php project/category names print_all_bug_page_word.php does not correctly sanitise project and category names. It is thus possible for a malicious user with project manager access permissions (or higher) to redirect users to print_all_bug_page_word.php to execute malicious JavaScript. |
Affected Issues 0012238 |
|
| mod - print_all_bug_page_word.php | Diff File | ||
