SiT! Bugs - SiT!
View Issue Details
0001701SiT!securitypublic2011-08-25 10:092011-09-04 20:45
ivan 
ivan 
normalblockhave not tried
closedfixed 
3.64 LTS 
3.65 LTS3.65 LTS 
0001701: XSS: Possible to inject javascript into search page
The GET parameter 'q' is not filtered before being used to create javascript code in search.php
No tags attached.
Issue History
2011-08-25 10:09ivanNew Issue
2011-08-25 10:09ivanStatusnew => assigned
2011-08-25 10:09ivanAssigned To => ivan
2011-08-28 09:46ivanTarget Version => 3.65 LTS
2011-08-28 09:51ivanNote Added: 0004261
2011-08-28 09:51ivanStatusassigned => resolved
2011-08-28 09:51ivanFixed in Version => Current SVN
2011-08-28 09:51ivanResolutionopen => fixed
2011-09-04 17:37ivanFixed in VersionCurrent SVN => 3.65 LTS
2011-09-04 20:45ivanNote Added: 0004287
2011-09-04 20:45ivanStatusresolved => closed

Notes
(0004261)
ivan   
2011-08-28 09:51   
Fixed in svn r7306 and Git 69c4c28
(0004287)
ivan   
2011-09-04 20:45   
Fix released in v3.65