View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0027853 | mantisbt | security | public | 2021-01-08 03:37 | 2021-03-07 18:28 |
Reporter | iohex | Assigned To | atrol | ||
Priority | normal | Severity | minor | Reproducibility | N/A |
Status | closed | Resolution | fixed | ||
Product Version | 2.25.0 | ||||
Target Version | 2.25.0 | Fixed in Version | 2.25.0 | ||
Summary | 0027853: Printing unsanitized user input in account_prof_edit_page.php | ||||
Description | Hi, I found a relfected XSS in the account_prof_edit_page.php-line: 100, the variable $f_redirect_page will be output without the function string_attrribute() protected. | ||||
Tags | No tags attached. | ||||