Anonymous | Login | Signup for a new account | 2021-01-19 15:42 GMT | ![]() |
Main | My View | View Issues | Change Log | Roadmap |
View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
ID | Project | Category | View Status | Date Submitted | Last Update | ||||
0001701 | SiT! | security | public | 2011-08-25 10:09 | 2011-09-04 20:45 | ||||
Reporter | ivan | ||||||||
Assigned To | ivan | ||||||||
Priority | normal | Severity | block | Reproducibility | have not tried | ||||
Status | closed | Resolution | fixed | ||||||
Platform | OS | OS Version | |||||||
Product Version | 3.64 LTS | ||||||||
Target Version | 3.65 LTS | Fixed in Version | 3.65 LTS | ||||||
Summary | 0001701: XSS: Possible to inject javascript into search page | ||||||||
Description | The GET parameter 'q' is not filtered before being used to create javascript code in search.php | ||||||||
Tags | No tags attached. | ||||||||
Attached Files | |||||||||
![]() |
|
ivan (administrator) 2011-08-28 09:51 |
Fixed in svn r7306 and Git 69c4c28 |
ivan (administrator) 2011-09-04 20:45 |
Fix released in v3.65 |
![]() |
|||
Date Modified | Username | Field | Change |
2011-08-25 10:09 | ivan | New Issue | |
2011-08-25 10:09 | ivan | Status | new => assigned |
2011-08-25 10:09 | ivan | Assigned To | => ivan |
2011-08-28 09:46 | ivan | Target Version | => 3.65 LTS |
2011-08-28 09:51 | ivan | Note Added: 0004261 | |
2011-08-28 09:51 | ivan | Status | assigned => resolved |
2011-08-28 09:51 | ivan | Fixed in Version | => Current SVN |
2011-08-28 09:51 | ivan | Resolution | open => fixed |
2011-09-04 17:37 | ivan | Fixed in Version | Current SVN => 3.65 LTS |
2011-09-04 20:45 | ivan | Note Added: 0004287 | |
2011-09-04 20:45 | ivan | Status | resolved => closed |
Copyright © 2000 - 2021 MantisBT Team |