Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: High
Fix Version/s: 4.1.1, 4.2
Affects Version/s: 3.12, 3.12.1, 3.12.2, 3.12.3, 3.13, 3.13.1, 3.13.2, 3.13.3, 3.13.4, 3.13.5, 4.0, 4.0.1, 4.0.2, 4.1
Component/s: Issue - Attachments
Labels:

Introduced in Version:
3.12

The screenshot-redirector.jsp does note escape the 'afterURL' URL parameter correctly, leading to an XSS attack vector.

Assignee:: Unassigned
Reporter:: Andreas Knecht (Inactive)
Votes:: 0 Vote for this issue
Watchers:: 2 Start watching this issue

Created:: 16/Apr/2010 5:06 AM
Updated:: 27/Mar/2019 11:58 PM
Resolved:: 19/Apr/2010 4:15 AM