View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0005751 | mantisbt | security | public | 2005-06-08 18:36 | 2005-07-23 02:26 |
| Reporter | spud |
| Assigned To | thraxisp |
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed |
| Platform | | OS | | OS Version | |
| Product Version | 1.0.0a3 |
| Target Version | | Fixed in Version | 1.0.0rc1 |
| Summary | 0005751: Javascript XSS vulnerability |
| Description | I had a user create an "issue" that contained only this: <script>alert("your bug tracking is vulnearble to xss");</script> For the most part, the hack is rendered ineffective, which is nice. However, upon attempting to delete this bogus entry, I clicked the "Delete Issue" button, which started to load bug_actiongroup_page.php. Just before the page finished loading, what happened? I got a javascript alert that said "your bug tracking is vulnearble to xss"! So indeed it is... at least if you try to delete it! I left it up, so you can see the bogus entry as-is: http://bugs.dadaimc.org/view.php?id=160 |
| Additional Information | PS: Sorry for the dupe of the custom field bug earlier! I didn't look hard enough for it before submitting. The CVS patch works great! |
| Tags | No tags attached. |
| Attached Files | |
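The report above describes a stored XSS that one output path (view.php) neutralises while another (the bulk-action confirmation page, bug_actiongroup_page.php) echoes the stored summary raw. The PHP below is an added example, not MantisBT's code or its actual fix: the `$issues` array (including the reporter's payload), the page-rendering functions `render_confirm_vulnerable` and `render_confirm_fixed`, the encoding helper `h` and the check `contains_script_tag` are all constructed here to show the pattern and the correct output-encoding fix.

```php
<?php
// Added example (not MantisBT code): a confirmation page that lists the
// issues about to be deleted. Sample data is constructed; the second
// summary is the payload from the report above.
$issues = [
    ['id' => 159, 'summary' => 'Login form ignores "Remember me"'],
    ['id' => 160, 'summary' => '<script>alert("your bug tracking is vulnearble to xss");</script>'],
];

// Vulnerable: the summary is trusted on this page because "view.php
// already handles it". Stored data is still untrusted at every output.
function render_confirm_vulnerable(array $issues): string {
    $out = "<ul>\n";
    foreach ($issues as $issue) {
        $out .= "<li>" . $issue['id'] . ": " . $issue['summary'] . "</li>\n";
    }
    return $out . "</ul>\n";
}

// Fixed: encode for the HTML text/attribute context at the point of output.
// ENT_QUOTES also encodes single quotes, so the same helper is safe inside
// quoted attribute values; ENT_SUBSTITUTE avoids returning "" on bad UTF-8.
function h(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_confirm_fixed(array $issues): string {
    $out = "<ul>\n";
    foreach ($issues as $issue) {
        $out .= "<li>" . (int)$issue['id'] . ": " . h($issue['summary']) . "</li>\n";
    }
    return $out . "</ul>\n";
}

// Crude regression check: the rendered page must not contain a literal
// script tag. Good as a smoke test for this bug, not a proof of safety.
function contains_script_tag(string $html): bool {
    return stripos($html, '<script') !== false;
}

$vuln  = render_confirm_vulnerable($issues);
$fixed = render_confirm_fixed($issues);

var_dump(contains_script_tag($vuln));
var_dump(contains_script_tag($fixed));
echo $fixed;
```

The practical lesson of this report is that encoding cannot be done once "in the main view" and forgotten: every page that prints the field (confirmation pages, e-mail previews, RSS, CSV export) is a separate output context and needs its own encoding for that context. A check like `contains_script_tag` over each rendered page is a cheap way to catch the path that was missed.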
Relationships
| child of | 0005460 |
| has duplicate | 0005748 |
| has duplicate | 0005749 |
| has duplicate | 0005750 |
| has duplicate | 0006002 |
Issue History
| Date Modified | Username | Field | Change |
| 2005-06-08 18:36 | spud | New Issue | |
| 2005-06-08 18:41 | vboctor | Relationship added | has duplicate 0005748 |
| 2005-06-08 18:41 | vboctor | Relationship added | has duplicate 0005750 |
| 2005-06-08 18:42 | vboctor | Relationship added | has duplicate 0005749 |
| 2005-06-08 18:44 | vboctor | Relationship added | child of 0005460 |
| 2005-06-09 16:22 | thraxisp | Assigned To | => thraxisp |
| 2005-06-09 16:22 | thraxisp | Status | new => assigned |
| 2005-06-09 16:36 | thraxisp | Status | assigned => resolved |
| 2005-06-09 16:36 | thraxisp | Fixed in Version | => 1.0.0a4 |
| 2005-06-09 16:36 | thraxisp | Resolution | open => fixed |
| 2005-06-09 16:36 | thraxisp | Note Added: 0010459 | |
| 2005-07-23 02:26 | vboctor | Status | resolved => closed |
| 2005-07-27 19:27 | thraxisp | Relationship added | has duplicate 0006002 |
| 2005-08-25 01:55 | bengen | Issue Monitored: bengen | |
MantisBT 1.2.0rc2 git live | Copyright © 2000 - 2010 MantisBT Group