0012432: XSS issues when viewing Summary page - MantisBT - Signup temporarily disabled due to spam

ID	Project	Category	View Status	Date Submitted	Last Update

0012432	mantisbt	security	public	2010-10-07 05:46	2011-08-02 12:35

Reporter	giallu	Assigned To	giallu
Priority	high	Severity	major	Reproducibility	always
Status	closed	Resolution	fixed
Product Version	1.1.8
Target Version	1.1.9	Fixed in Version	1.1.9

Summary	0012432: XSS issues when viewing Summary page
Description	Scripting code entered in summary field might be executed when displaying Summary page
Steps To Reproduce	Enter an issue with scripting code in Summary field View "Summary" page See your code beeing executed if issue is displayed in list of longest open issues
Tags	No tags attached.

MantisBT: master-1.1.x 78d1449e 2010-10-07 06:31 giallu Details Diff	Fix 0012432: XSS issues when viewing Summary page Backport of commit c58a678 for bug 12309		Affected Issues 0012432
	mod - core/summary_api.php		Diff File