Source Control Integration

Author	Committer	Branch	Timestamp	Parent
dregad	dregad	master-2.24	2020-09-12 06:20:49	master 77991180
Affected Issues	0027275: CVE-2020-25288: HTML Injection on bug_update_page.php
Changeset	Fix XSS in Custom Field regex pattern validation Improper escaping of the custom field definition's Regular Expression allowed an attacker to inject HTML into the page (CVE-2020-25288). Credits to d3vpoo1 (https://gitlab.com/jrckmcsb) for the finding. Fixes 0027275
Changeset	mod - core/cfdefs/cfdef_standard.php			Diff File