View Issue Details

ID: 0005748
Project: mantisbt
Category: security
View Status: public
Last Update: 2005-07-23 02:28
Reporter: spud
Assigned To: vboctor
Priority: normal
Severity: minor
Reproducibility: always
Status: closed
Resolution: duplicate
Product Version: 1.0.0a3
Summary: 0005748: Javascript XSS vulnerability
Description

I had a user create an "issue" that contained

<script>alert("your bug tracking is vulnearble to xss");</script>

For the most part, it is rendered ineffective, which is nice. However, upon attempting to delete this bogus entry, I clicked the "Delete Issue" button, which started to load bug_actiongroup_page.php. Just before the page finished loading, what happened? I got a javascript alert that said "your bug tracking is vulnearble to xss"! So indeed it is...at least if you try to delete it!

Additional Information

PS: Sorry for the dupe of the custom field bug earlier! I didn't look hard enough for it before submitting. The CVS patch works great!

Tags: No tags attached.

Relationships

duplicate of 0005751 (closed, thraxisp): Javascript XSS vulnerability

Activities

spud (reporter)
2005-06-08 18:38
~0010440

Ack! My net connection kept dropping, so I never got to the "Submitted" page, and figured it wasn't! Huge apologies, I know how annoying this is...
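
The failure mode reported above (a stored value that is encoded in most views but echoed raw by one page), shown as an added example that is not MantisBT code. The render functions and view names are hypothetical, and the stored value is the string quoted in the report.

```php
<?php
// Added example: hypothetical views, not MantisBT source code.

// Stored issue field, exactly as quoted in the report.
$stored_value = '<script>alert("your bug tracking is vulnearble to xss");</script>';

// Encode at the point of output so the browser treats the value as text.
function h(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hypothetical issue view: encodes the field (the "rendered ineffective" case).
function render_view_page(string $field): string {
    return '<td class="issue-field">' . h($field) . '</td>';
}

// Hypothetical bulk-action confirmation page before the fix: echoes the raw value.
function render_actiongroup_page_before(string $field): string {
    return '<tr><td>Delete issue: ' . $field . '</td></tr>';
}

// The same page after the fix: every stored value goes through h().
function render_actiongroup_page_after(string $field): string {
    return '<tr><td>Delete issue: ' . h($field) . '</td></tr>';
}

// Regression check: a view fails if the stored markup survives verbatim in its output.
function find_unencoded_views(array $views, string $stored): array {
    $failing = [];
    foreach ($views as $name => $render) {
        if (strpos($render($stored), $stored) !== false) {
            $failing[] = $name;
        }
    }
    return $failing;
}

$views = [
    'view_page'               => 'render_view_page',
    'actiongroup_page_before' => 'render_actiongroup_page_before',
    'actiongroup_page_after'  => 'render_actiongroup_page_after',
];

// Lists the names of views that emit the stored value without encoding it.
print_r(find_unencoded_views($views, $stored_value));
```

Running one stored marker value through every page that displays a field catches the case in this report, where a single rarely visited page is the only one missing the encoding step.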