oss-sec mailing list archives
Re: CVE Request: XSS vulnerability in MantisBT 1.2.13
From: Damien Regad <dregad () mantisbt org>
Date: Sat, 15 Nov 2014 15:18:31 +0100
On 2014-11-15 02:26, P Richards wrote:
> https://github.com/mantisbt/mantisbt/commit/cabacdc291c251bfde0dc2a2c945c02cef41bf40,We fixed this issue in Master with the following commit
> and I believe I requested this to be back-ported at the time. You > modified the code not to trigger an error with the commit> https://github.com/mantisbt/mantisbt/commit/3d0625d84d5d08a998673713df1711e1d46b0b86
> and to fall back to the default of no value selected.I don't think we're talking about the same issue here. The one you describe was about the selection list in the filters, this one is in the "set configuration" box.
Current thread:
- CVE Request: XSS vulnerability in MantisBT 1.2.13 Damien Regad (Nov 14)
- RE: CVE Request: XSS vulnerability in MantisBT 1.2.13 P Richards (Nov 14)
- Re: CVE Request: XSS vulnerability in MantisBT 1.2.13 Damien Regad (Nov 15)
- Re: Re: CVE Request: XSS vulnerability in MantisBT 1.2.13 Paul Richards (Nov 15)
- Re: CVE Request: XSS vulnerability in MantisBT 1.2.13 Damien Regad (Nov 15)
- Re: CVE Request: XSS vulnerability in MantisBT 1.2.13 Damien Regad (Nov 19)
- Re: CVE Request: XSS vulnerability in MantisBT 1.2.13 Damien Regad (Nov 15)
- RE: CVE Request: XSS vulnerability in MantisBT 1.2.13 P Richards (Nov 14)
- Re: CVE Request: XSS vulnerability in MantisBT 1.2.13 cve-assign (Nov 19)
- Re: CVE Request: XSS vulnerability in MantisBT 1.2.13 Damien Regad (Nov 22)