MantisBT: master-2.2 16772514

Diff Back to Repository
Author Committer Branch Timestamp Parent
dregad dregad master-2.2 2017-03-09 13:24 master-2.2 c26b34b6
Affected Issues  0022497: CVE-2017-6799: XSS in view_filters_page.php
Changeset

Fix XSS in view_filters_page.php

The value of the view_type parameter was not sanitized before being
displayed as a hidden input.

This vulnerability was reported by Etienne Landais.

Fixes 0022497
mod - view_filters_page.php Diff File