MantisBT: master 57c94485

Author Committer Branch Timestamp Parent
Paul Richards Paul Richards master 2011-08-29 06:55 master a908cc61
Affected Issues  0013191: XSS vulnerability dues to usage of PHP_SELF
 0013281: MantisBT Security Vulnerabilities Notification

Fix issue introduced previously whereby php_Self is now used unchecked.

introduced previously by john attempting to fix symlinks. Since we now use php 5.2, we can make use of filter_var.

This is a simpler version of what we were trying to do previously aka;h=5ac1fdf32717d0c82cca7e7660dd4fd316a6a1b8

Depending on server/mantis config this can lead to XSS issues

mod - config_defaults_inc.php Diff File