MantisBT: master-2.24 8c6f4d88
| Author | Committer | Branch | Timestamp | Parent |
|---|---|---|---|---|
| dregad | dregad | master-2.24 | 2020-09-23 12:36:32 | master-2.24 26bbae76 |
| Affected Issues | 0027304: CVE-2020-25830: HTML Injection in bug_actiongroup_page.php | |||
| Changeset | Fix XSS in bug_actiongroup_page.php Improper escaping of the custom field's name allowed an attacker to Credits to d3vpoo1 (https://gitlab.com/jrckmcsb) for the finding. Fixes 0027304 |
|||
| mod - bug_actiongroup_page.php | Diff File | |||
