Mantis - Resin

Viewing Issue Advanced Details

| ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
| 4699 | | minor | always | 08-03-11 14:11 | 08-04-11 11:22 |

| Reporter: | jyung | Platform: | |
| Assigned To: | ferg | OS: | |
| Priority: | normal | OS Version: | |
| Status: | closed | Product Version: | 4.0.20 |
| Product Build: | | Resolution: | fixed |
| Projection: | none | | |
| ETA: | none | Fixed in Version: | 4.0.21 |

| Summary: | 0004699: XSS vulnerability in redirect |
| Description: |

Our security audit revealed an XSS vulnerability in the HTML sent with a redirect.

Request:

    GET /?"><script>alert(document.domain)</script> HTTP/1.1

Result:

    The URL has moved <a href="/webapp/?"><script>alert(document.domain)</script>">here</a>

| Steps To Reproduce: | |
| Additional Information: | |
| Relationships | |
| Attached Files: | |
| Notes | |