0008202: Potential Cross-Site Scripting Flaws - MantisBT - Signup temporarily disabled due to spam

ID	Project	Category	View Status	Date Submitted	Last Update

0008202	mantisbt	security	public	2007-07-25 19:51	2019-05-09 10:16

Reporter	grangeway	Assigned To	grangeway
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	closed	Resolution	won't fix

Summary	0008202: Potential Cross-Site Scripting Flaws
Description	A number of potential cross-site scripting flaws have been identified and fixed in 1.1.0a4 and 1.0.9
Tags	No tags attached.

vboctor 2007-07-28 03:00 manager ~0015251	Set the target version as 1.0.9. We should have a porting issue.

vboctor 2007-08-22 01:50 manager ~0015480	grangeway, would be nice to get these into 1.0.9. I think we should be releasing this soon.

vboctor 2008-03-14 00:42 manager ~0017335	Given that 1.1.x is now the stable branch. There is no need to port these fixes.

MantisBT: master 5a28be43 2007-07-26 17:59 Paul Richards Details Diff	0008202: Potential Cross-Site Scripting Flaws git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/trunk@4493 <a class="text" href="/?p=mantisbt.git;a=object;h=f5dc347c">f5dc347c</a>-c33d-0410-90a0-b07cc1902cb9	Affected Issues 0008202
	mod - billing_inc.php	Diff File
MantisBT: master cf4d47c5 2007-07-26 18:14 Paul Richards Details Diff	0008202: Potential Cross-Site Scripting Flaws git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/trunk@4494 <a class="text" href="/?p=mantisbt.git;a=object;h=f5dc347c">f5dc347c</a>-c33d-0410-90a0-b07cc1902cb9	Affected Issues 0008202
	mod - manage_config_revert.php	Diff File
	mod - core/error_api.php	Diff File
	mod - core/database_api.php	Diff File