MantisBT: master-1.2.x ccae795a

Diff Back to Repository
Author Committer Branch Timestamp Parent
dhx dhx master-1.2.x 2009-12-01 04:32 master-1.2.x b4b275a5
Affected Issues  0011246: XSS bug in category dropdown selector
Changeset

Fix 0011246: XSS bug in category dropdown selector

If a category name contains "<script>alert(42);</script>" then it would
result in a XSS vulnerability whenever a category dropdown list was
printed. This applies to pages such as bug reporting, updating a bug,
etc.
mod - core/print_api.php Diff File