View Issue Details

IDProjectCategoryView StatusLast Update
0025972mantisbtcustom fieldspublic2020-09-11 12:11
Reportercproensa Assigned Tocproensa  
PrioritynormalSeverityfeatureReproducibilityhave not tried
Status closedResolutionfixed 
Product Version2.22.0 
Target Version2.23.0Fixed in Version2.23.0 
Summary0025972: Use custom field regular expression in the html input

When a custom field has an associated regular expression, this regexp should be included in the html input pattern attribute.

TagsNo tags attached.


related to 0027275 closeddregad CVE-2020-25288: HTML Injection on bug_update_page.php 


Related Changesets

MantisBT: master 7786bfd5

2019-08-06 19:13:28


Committer: vboctor Details Diff
Use html regex validation for string custom fields

Use the custom field configured regex in the html input "pattern"
This is only supported (natively in html5) for text inputs, not

Fixes: 0025972
Affected Issues
mod - core/cfdefs/cfdef_standard.php Diff File

Issue History

Date Modified Username Field Change
2019-08-06 05:50 cproensa New Issue
2019-08-15 09:21 cproensa Assigned To => cproensa
2019-08-15 09:21 cproensa Status new => assigned
2019-08-15 09:21 cproensa Note Added: 0062592
2019-08-25 16:17 vboctor Changeset attached => MantisBT master 7786bfd5
2019-08-25 16:17 cproensa Status assigned => resolved
2019-08-25 16:17 cproensa Resolution open => fixed
2019-08-25 16:17 cproensa Fixed in Version => 2.23.0
2019-08-25 16:18 vboctor Target Version => 2.23.0
2019-12-09 04:32 vboctor Status resolved => closed
2020-09-11 12:11 dregad Relationship added related to 0027275