MantisBT: master-1.2.x 92561bce

Diff Back to Repository
Author Committer Branch Timestamp Parent
dhx dhx master-1.2.x 2009-12-01 00:31 master-1.2.x c23edbfb
Affected Issues  0011233: XSS on adm_config_report.php with user Real Name field
Changeset

Fix 0011233: XSS on adm_config_report.php with user Real Name field

User real names were not sanitised on adm_config_report.php thus leading
to XSS attacks against those with permission to access the configuration
of a Mantis installation (typcially Administrators only).
mod - adm_config_report.php Diff File