MantisBT: master-1.2.x c23edbfb

Author: dhx
Committer: dhx
Branch: master-1.2.x
Timestamp: 2009-12-01 00:25
Parent: master-1.2.x 42e3640a
Affected Issues: 0011232: XSS on summary_page.php with user Real Name field
Changeset

Fix 0011232: XSS on summary_page.php with user Real Name field

User real names should be sanitised before being printed to
summary_page.php as it may be possible for the names to contain HTML
elements that allow for XSS attacks.

mod - core/summary_api.php