Anonymous | Login

Project:

News | My View | View Issues | Roadmap | Summary

View Issue Details[ Jump to Notes ]

[ Issue History ] [ Print ]

ID

0003960

Type

Category

Severity

Reproducibility

Date Submitted

Last Update

defect

[Openbravo ERP] C. Security

critical

have not tried

2008-06-13 10:00

2008-08-14 16:15

Reporter

pjuvara

View Status

public

Assigned To

iperdomo

Priority

immediate

Resolution

fixed

Fixed in Version

2.40beta

Status

closed

Fix in branch

Fixed in SCM revision

Projection

none

ETA

none

Target Version

pi

OS

Linux 32 bit

Database

Oracle

Java version

1.6

OS Version

Ubuntu 7.10

Database version

10g

Ant version

1.5

Product Version

2.35MP4

SCM revision

Merge Request Status

Review Assigned To

OBNetwork customer

No

Web browser

Modules

Core

Support ticket

Regression level

Regression date

Regression introduced in release

Regression introduced by commit

Triggers an Emergency Pack

No

Summary

0003960: Cross-site scripting vulnerability

Description

Details not disclosed

Tags

No tags attached.

Relationships [ Relation Graph ] [ Dependency Graph ]

depends on

backport

closed

Cross-site scripting vulnerability

Notes
(0007906) svnbot (viewer) 2008-06-20 12:26	Repository: openbravo Revision: 5243 Author: iperdomo Date: 2008-06-20 12:26:10 +0200 (Fri, 20 Jun 2008) Fixes bug 3960: Sanitized input parameters to prevent XSS --- U trunk/src-core/src/org/openbravo/base/VariablesBase.java U trunk/src-core/src/org/openbravo/utils/FormatUtilities.java --- https://dev.openbravo.com/websvn/openbravo/?rev=5243&sc=1 [^]

Issue History
Date Modified	Username	Field	Change
2008-06-13 10:00	pjuvara	New Issue
2008-06-13 10:00	pjuvara	Assigned To	=> cromero
2008-06-13 10:00	pjuvara	OBNetwork customer	=> N
2008-06-13 10:01	pjuvara	Assigned To	cromero => iciordia
2008-06-13 10:02	pjuvara	Status	new => scheduled
2008-06-13 10:03	pjuvara	OBNetwork customer	N =>
2008-06-13 10:03	pjuvara	Target Version	=> trunk
2008-06-18 09:10	iperdomo	Assigned To	iciordia => marvintm
2008-06-19 19:23	iperdomo	Assigned To	marvintm => iperdomo
2008-06-20 12:26	svnbot	Checkin
2008-06-20 12:26	svnbot	Note Added: 0007906
2008-06-20 12:26	svnbot	Status	scheduled => resolved
2008-06-20 12:26	svnbot	Resolution	open => fixed
2008-06-20 12:26	svnbot	svn_revision	=> 5243
2008-07-02 15:31	plujan	Status	resolved => closed
2008-07-02 15:31	plujan	Fixed in Version	=> 2.40beta
2008-08-14 16:15	jaimetorre	sf_bug_id	0 => 2051555

Copyright © 2000 - 2009 MantisBT Group