Project:
| View Revisions: Issue #12034 | [ All Revisions ] [ Back to Issue ] | ||
| Summary | 0012034: Cross-site Scripting in the generated xxx_Relation.html files | ||
| Revision | 2011-11-22 18:29 by shuehner | ||
| Steps To Reproduce | The TamperData plugin for Firefox or another proxy will be needed to reproduce. Visit i.e. /openbravo/Message/Message_Relation.html while using TamperData to set inpParamSessionDate to: inpParamSessionDate=>%22%27><img%20src%3d%22javascript:alert('XSS')%22> |
||
| Revision | 2011-11-22 18:29 by shuehner | ||
| Steps To Reproduce | The TamperData plugin for Firefox or another proxy will be needed to reproduce. Visit /openbravo/Message/Message_Relation.html while using TamperData to set inpParamSessionDate to: inpParamSessionDate=>%22%27><img%20src%3d%22javascript:alert('XSS')%22> |
||
| Copyright © 2000 - 2009 MantisBT Group |
 |