Mantis Bug Tracker
 
Main | My View | View Issues | Change Log | Roadmap | Wiki | ManTweet | Repositories
  

View Issue Details Jump to Notes ] Wiki ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0006509mantisbtsecuritypublic2005-12-17 21:212006-10-09 11:55
Reporterthraxisp 
Assigned Tothraxisp 
PrioritynormalSeverityminorReproducibilityalways
StatusclosedResolutionfixed 
PlatformOSOS Version
Product Version1.0.0rc4 
Target VersionFixed in Version1.0.0rc5 
Summary0006509: Port: Additional XSS Vulnerabilities in Filter
DescriptionSome XSS vulnerabilities in the filter were missed in the last patch.

GET: ?type=1&highlight_changed=[XSS]
GET: ?type=1&relationship_type=[XSS]
GET: ?type=1&relationship_bug=[XSS]

Originally reported by Thomas Waldegger <thomas.waldegger@morph3us.org>
TagsNo tags attached.
Attached Files

- Relationships
child of 0006508closedthraxisp Additional XSS Vulnerabilities in Filter 

-  Notes
User avatar (0011812)
thraxisp (manager)
2005-12-18 09:23

 Fixed in CVS.

on BRANCH_1_0_0rc4
view_all_set.php -> 1.57.4.1.2.1
core/filter_api.php -> 1.122.2.2.2.3.2.1

- Issue History
Date Modified Username Field Change
2005-12-17 21:21 thraxisp New Issue
2005-12-17 21:21 thraxisp Assigned To => thraxisp
2005-12-17 21:21 thraxisp Issue generated from 0006508
2005-12-17 21:21 thraxisp Relationship added child of 0006508
2005-12-18 08:24 jlatour Status new => assigned
2005-12-18 09:23 thraxisp Status assigned => resolved
2005-12-18 09:23 thraxisp Fixed in Version => 1.0.0rc5
2005-12-18 09:23 thraxisp Resolution open => fixed
2005-12-18 09:23 thraxisp Note Added: 0011812
2006-01-17 06:33 vboctor Status resolved => closed
2006-10-09 11:55 thraxisp View Status private => public

MantisBT 1.2.0rc2 git live[^]
Copyright © 2000 - 2010 MantisBT Group
Time: 0.2080 seconds.
memory usage: 1,804 KB
Powered by Mantis Bugtracker