MantisBT: master c154fafc

Author: dhx
Committer: dhx
Branch: master
Timestamp: 2009-11-22 07:37
Parent: master 880db823
Affected Issues  0011206: XSS on view_filters_page.php?target_field=...
Changeset

Fix 0011026: Fix XSS bug in view_filters_page.php

Fix a parsing/validation error whereby a target_field input of the form
"status[]<script>bad_code();</script>" would be printed directly to
HTML, thus leading to an XSS vulnerability.

mod - view_filters_page.php
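
The class of bug the commit message describes, as an added PHP example; it is not MantisBT's code or the patch from this changeset. The helper names, the allow-list contents and the `_target` id suffix are assumptions; only the sample value `status[]<script>bad_code();</script>` comes from the page.

```php
<?php
// Constructed allow-list; MantisBT's real filter field names are not on the page.
const KNOWN_FILTER_FIELDS = ['status', 'severity', 'priority'];

// Loose handling (constructed "before"): drops "[]" wherever it occurs and
// returns the rest untouched, so trailing markup survives into the output.
function loose_target_field(string $raw): string
{
    return str_replace('[]', '', $raw);
}

// Strict handling (hypothetical helper): accept only "name" or "name[]",
// where name is on the allow-list. Returns null for anything else.
function parse_target_field(string $raw): ?array
{
    // \A and \z anchor the whole value; "[]" may appear only as the final suffix.
    if (!preg_match('/\A([a-z_][a-z0-9_]*)(\[\])?\z/', $raw, $m)) {
        return null;
    }
    if (!in_array($m[1], KNOWN_FILTER_FIELDS, true)) {
        return null;
    }
    return ['name' => $m[1], 'is_array' => ($m[2] ?? '') === '[]'];
}

// Build an id attribute (the "_target" suffix is an assumption); escape on
// output even after validation so a later allow-list change cannot reopen the hole.
function render_target_id(string $raw): ?string
{
    $field = parse_target_field($raw);
    if ($field === null) {
        return null;
    }
    return 'id="' . htmlspecialchars($field['name'] . '_target', ENT_QUOTES, 'UTF-8') . '"';
}

$samples = [
    'status',
    'status[]',
    'status[]<script>bad_code();</script>', // value quoted in the commit message
    'nosuchfield[]',
];
foreach ($samples as $raw) {
    printf(
        "%-40s loose=%-38s strict=%s\n",
        $raw,
        loose_target_field($raw),
        render_target_id($raw) ?? '(rejected)'
    );
}
```

The loose variant returns the third sample with its `<script>` element intact, while the strict variant rejects it along with the unknown field name.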