SiT! Bugs

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0001701SiT!securitypublic2011-08-25 10:092011-09-04 20:45
Reporterivan 
Assigned Toivan 
PrioritynormalSeverityblockReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOSOS Version
Product Version3.64 LTS 
Target Version3.65 LTSFixed in Version3.65 LTS 
Summary0001701: XSS: Possible to inject javascript into search page
DescriptionThe GET parameter 'q' is not filtered before being used to create javascript code in search.php
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
User avatar (0004261)
ivan (administrator)
2011-08-28 09:51

Fixed in svn r7306 and Git 69c4c28
User avatar (0004287)
ivan (administrator)
2011-09-04 20:45

Fix released in v3.65

- Issue History
Date Modified Username Field Change
2011-08-25 10:09 ivan New Issue
2011-08-25 10:09 ivan Status new => assigned
2011-08-25 10:09 ivan Assigned To => ivan
2011-08-28 09:46 ivan Target Version => 3.65 LTS
2011-08-28 09:51 ivan Note Added: 0004261
2011-08-28 09:51 ivan Status assigned => resolved
2011-08-28 09:51 ivan Fixed in Version => Current SVN
2011-08-28 09:51 ivan Resolution open => fixed
2011-09-04 17:37 ivan Fixed in Version Current SVN => 3.65 LTS
2011-09-04 20:45 ivan Note Added: 0004287
2011-09-04 20:45 ivan Status resolved => closed


Copyright © 2000 - 2019 MantisBT Team
Powered by Mantis Bugtracker