View Issue Details

IDProjectCategoryView StatusLast Update
0024297mantisbtsecuritypublic2018-04-13 08:38
ReporterdregadAssigned Todregad 
PriorityhighSeveritymajorReproducibilityhave not tried
Status closedResolutionfixed 
Product Version2.1.0 
Target Version2.12.1Fixed in Version2.12.1 
Summary0024297: Update Parsedown library to 1.7.1
Description

Parsedown 1.6.x is vulnerable to XSS attacks (see 0024186). Vulnerabilities were fixed in 1.7.0 on 28-Feb-2018; 1.7.1 was released a few days later including a few additional bug fixes.

TagsNo tags attached.

Relationships

child of 0024186 closeddregad CVE-2018-1000162: XSS vulnerability in Parsedown library 

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2018-04-13 08:28 dregad New Issue
2018-04-13 08:28 dregad Status new => assigned
2018-04-13 08:28 dregad Assigned To => dregad
2018-04-13 08:28 dregad Issue generated from: 0024186
2018-04-13 08:28 dregad Relationship added child of 0024186
2018-04-13 08:34 dregad Status assigned => resolved
2018-04-13 08:34 dregad Resolution open => fixed
2018-04-13 08:37 dregad Status resolved => closed
2018-04-13 08:38 dregad Fixed in Version => 2.12.1