Anonymous | Login | Signup for a new account | 12-17-2024 10:52 PST |
Main | My View | View Issues | Change Log | Docs |
Viewing Issue Simple Details [ Jump to Notes ] | [ View Advanced ] [ Issue History ] [ Print ] | ||||||||
ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||||
0004699 | [Resin] | minor | always | 08-03-11 14:11 | 08-04-11 11:22 | ||||
Reporter | jyung | View Status | public | ||||||
Assigned To | ferg | ||||||||
Priority | normal | Resolution | fixed | ||||||
Status | closed | Product Version | 4.0.20 | ||||||
Summary | 0004699: XSS vulnerability in redirect | ||||||||
Description |
Our security audit revealed an XSS vulnerability in the HTML sent with a redirect. Request: GET /?"><script>alert(document.domain)</script> HTTP/1.1 Result: The URL has moved <a href="/webapp/?"><script>alert(document.domain)</script>">here</a> |
||||||||
Additional Information | |||||||||
Attached Files | |||||||||
|
Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
30 total queries executed. 26 unique queries executed. |