MantisBT: master-1.2.x 05378e00
Author | Committer | Branch | Timestamp | Parent |
---|---|---|---|---|
dregad | dregad | master-1.2.x | 2014-11-27 14:15 | master-1.2.x e5fc835a |
Affected Issues | 0017297: CVE-2014-9272: XSS in string_insert_hrefs allows script execution | |||
Changeset | Fix 0017297: XSS in string_insert_hrefs The URL matching regex in the function did not validate the protocol, Issue was discovered by Mathias Karlsson (http://mathiaskarlsson.me) |
|||
mod - core/string_api.php | Diff File |