View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0019274 | mantisbt | security | public | 2015-01-27 04:49 | 2015-03-15 19:58 |
Reporter | dregad | Assigned To | dregad | ||
Priority | normal | Severity | major | Reproducibility | have not tried |
Status | closed | Resolution | fixed | ||
Product Version | 1.3.0-beta.1 | ||||
Target Version | 1.3.0-beta.2 | Fixed in Version | 1.3.0-beta.2 | ||
Summary | 0019274: CVE-2014-9571: XSS in install.php | ||||
Description | This is a clone of 0017938 to track the vulnerability in 1.3.x branch | ||||
Additional Information | Advisory ID: HTB23243 Original report in 0017937 | ||||
Tags | No tags attached. | ||||
MantisBT: master 132cd6d0 2014-12-27 07:47 Details Diff |
Fix XSS in install.php This vulnerability (CVE-2014-9571) was reported by High-Tech Bridge Security Research Lab (https://www.htbridge.com/) in issue 0017937 (advisory ID HTB23243). The parameters are now properly sanitized before being displayed. Fixes 0017938 |
Affected Issues 0017937, 0017938, 0019274 |
|
mod - admin/install.php | Diff File |