View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
14634 | Bug reports | Security | public | 2019-03-12 13:50 | 2019-04-02 16:39 |
Reporter | Assigned To | DenisChenu | |||
Priority | none | Severity | partial_block | ||
Status | closed | Resolution | fixed | ||
Product Version | 3.16.x | ||||
Fixed in Version | 3.17.x | ||||
Summary | 14634: XSS Attack Vector - KCFinder | ||||
Description | KCFinder has an open attack vector by get request: | ||||
Tags | No tags attached. | ||||
Bug heat | 254 | ||||
Complete LimeSurvey version number (& build) | 3.16.0 | ||||
I will donate to the project if issue is resolved | No | ||||
Browser | |||||
Database type & version | irrevelant | ||||
Server OS (if known) | |||||
Webserver software & version (if known) | |||||
PHP Version | irrevelant | ||||
I have js alert : unknow error with this link |
|
https://github.com/LimeSurvey/LimeSurvey/commit/79ae17251261f2f21ec10e750a56da1ae22fb0fa |
|
Date Modified | Username | Field | Change |
---|---|---|---|
2019-03-12 13:50 |
|
New Issue | |
2019-03-22 16:00 | DenisChenu | View Status | public => private |
2019-03-22 18:58 | DenisChenu | Note Added: 51100 | |
2019-03-23 09:25 | DenisChenu | Assigned To | => DenisChenu |
2019-03-23 09:25 | DenisChenu | Status | new => assigned |
2019-03-25 08:38 | DenisChenu | Status | assigned => resolved |
2019-03-25 08:38 | DenisChenu | Resolution | open => fixed |
2019-03-25 08:38 | DenisChenu | Note Added: 51114 | |
2019-03-25 08:38 | DenisChenu | View Status | private => public |
2019-03-25 08:41 | DenisChenu | Fixed in Version | => 3.16.x |
2019-04-02 15:45 | Mazi | Issue Monitored: Mazi | |
2019-04-02 16:39 | ollehar | Status | resolved => closed |
2019-04-02 16:39 | ollehar | Fixed in Version | 3.16.x => 3.17.x |
2021-08-10 04:33 | guest | Bug heat | 252 => 254 |