MantisBT: master-1.2.x 49c3d089

Diff Back to Repository
Author Committer Branch Timestamp Parent
dregad dregad master-1.2.x 2014-11-14 11:55 master-1.2.x 1bdc16e5
Affected Issues  0017870: CVE-2014-8987: XSS in adm_config_report.php
Changeset

Fix 0017870: XSS in adm_config_report.php

This is the correct fix for this issue, using string_attribute() to
escape the variable. Thanks to Paul Richards for pointing this out.
mod - adm_config_report.php Diff File