View Issue Details

IDProjectCategoryView StatusLast Update
0019303phpList 3 applicationSecuritypublic01-10-18 11:38
PrioritynormalSeverityminorReproducibilityhave not tried
Status resolvedResolutionfixed 
Product Version3.3.3 
Target Version3.3.5Fixed in Version3.4.0 
Summary0019303: escape text message content and attachment fields using htmlentities on message page
DescriptionI have used htmlentities to escape subject, fromfield, text content and attachment fields on ?page=message&id page for proper rendering and preventing malicious tags
TagsNo tags attached.


There are no notes attached to this issue.