History | Log In     View a printable version of the current page.  
Issue Details (XML | Word | Printable)

Key: KTS-2178
Type: Bug Bug
Status: Closed Closed
Resolution: Fixed
Priority: Priority One: Required Priority One: Required
Assignee: Conrad Vermeulen
Reporter: criquelion
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
KnowledgeTree Community Edition

cross site scripting

Created: 05/Jul/07 09:14 AM   Updated: 21/Aug/07 10:54 AM
Component/s: Core
Affects Version/s: STABLE 3.4, STABLE 3.4.1
Fix Version/s: DEV 3.5

Original Estimate: Unknown Remaining Estimate: Unknown Time Spent: Unknown
Environment: 3.4 commercial edition on linux serveur
Issue Links:
Related
 
This issue is related to:
KTS-2185 Cross site scripting checks Priority One: Required Closed


 Description  « Hide
No verification is made on the characters input in the fields. on the login page for example, you can input javascript in the login field.

 All   Comments   Work Log   Change History      Sort Order:
Conrad Vermeulen - [16/Jul/07 09:27 AM ]
Please track status in KTS-2185

Fortunate Mashinini - [21/Aug/07 10:54 AM ]
Duplicate