Defect #2017

Cross-site scripting in forum

Added by Aethedor the Mage about 9 years ago. Updated about 9 years ago.

Status:ClosedStart date:2008-10-10
Priority:UrgentDue date:
Assignee:-% Done:

0%

Category:Wiki
Target version:0.8
Resolution:Fixed Affected version:0.7.3

Description

The PRE tag in the forum is vulnerable for cross-site scripting:

hold mouse pointer here

History

#1 Updated by Jean-Philippe Lang about 9 years ago

  • Category changed from Forums to Wiki
  • Status changed from New to Closed
  • Target version set to 0.8
  • Affected version (unused) set to 0.7.3
  • Resolution set to Fixed
  • Affected version set to 0.7.3

Fixed in r1930. Thanks for pointing out.

Also available in: Atom PDF