MantisBT: master-2.24 8c6f4d88
Author | Committer | Branch | Timestamp | Parent |
---|---|---|---|---|
dregad | dregad | master-2.24 | 2020-09-23 12:36:32 | master-2.24 26bbae76 |
Affected Issues | 0027304: CVE-2020-25830: HTML Injection in bug_actiongroup_page.php | |||
Changeset | Fix XSS in bug_actiongroup_page.php Improper escaping of the custom field's name allowed an attacker to Credits to d3vpoo1 (https://gitlab.com/jrckmcsb) for the finding. Fixes 0027304 |
|||
mod - bug_actiongroup_page.php | Diff File |