MantisBT: master-1.3.x 9e4db60a 2018-01-30 01:58
Fix XSS in adm_config_report.php (CVE-2018-6403)

Nguyen Tri Tuan reported this vulnerability, allowing an attacker to inject arbitrary code through a crafted 'value' parameter.

Prevent the attack by sanitizing the variable before output.

Fixes 0023906, 0023918

Cherry-picked from c4afcb118472fef8d3a7f468b16d874f9d6cf871.
Affected Issues: 0023906, 0023918

mod - adm_config_report.php