MantisBT: master-1.2.x d55a7f24

Author: dhx
Committer: dhx
Branch: master-1.2.x
Timestamp: 2009-12-01 04:49
Parent: master-1.2.x ccae795a
Affected Issues: 0011247: XSS in various management pages due to unsanitised project names
Changeset

Fix 0011247: XSS in various management pages (project names)

A project name containing "<script>alert(42);</script>" would result in
XSS vulnerabilities in adm_config_report.php and
manage_custom_field_edit_page.php due to unsanitised project names being
printed directly to HTML output.

mod - core/print_api.php
mod - adm_config_report.php
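
The failure mode named in the commit message, as an added PHP illustration; it is not MantisBT code and not the contents of this changeset. The function names, the `<option>` markup and the sample project list are assumptions made for the example; only the `<script>alert(42);</script>` name comes from the page.

```php
<?php
// Added illustration, not MantisBT code. All function names are hypothetical.

// Constructed sample data: project id => project name as stored in the database.
$projects = [
    1 => 'Website',
    2 => '<script>alert(42);</script>',   // name quoted in the commit message
    3 => 'R&D "internal"',                // legitimate name that still needs encoding
];

// Before: the stored name is concatenated into the markup unchanged,
// so the browser parses it as HTML instead of displaying it as text.
function render_project_options_unsafe(array $projects): string {
    $html = '';
    foreach ($projects as $id => $name) {
        $html .= '<option value="' . (int)$id . '">' . $name . "</option>\n";
    }
    return $html;
}

// After: encode at the point of output. ENT_QUOTES also covers the case
// where the name is placed inside a quoted attribute value.
function html_escape(string $text): string {
    return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_project_options_safe(array $projects): string {
    $html = '';
    foreach ($projects as $id => $name) {
        $html .= '<option value="' . (int)$id . '" title="' . html_escape($name) . '">'
               . html_escape($name) . "</option>\n";
    }
    return $html;
}

echo "--- unescaped ---\n", render_project_options_unsafe($projects);
echo "--- escaped ---\n", render_project_options_safe($projects);

// Regression check: no raw tag taken from a project name survives encoding.
$out = render_project_options_safe($projects);
if (strpos($out, '<script>') !== false) {
    fwrite(STDERR, "escaping failed\n");
    exit(1);
}
```

Encoding at output time rather than when the project is saved keeps the stored name intact and protects every page that prints it, including ones added later.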