Sanitize input!
Bug #835955 reported by
Daniel Holbach
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Summit |
Fix Released
|
Undecided
|
Michael Hall |
Bug Description
Putting in data such as
"><script>
in the sponsoring forms, seems to be enough to make Summit go funny.
To post a comment you must log in.
Fixed in the stable branch with the following MPs.
https:/ /code.launchpad .net/~mhall119/ summit/ xss-vulnerabili ty-fix- 2/+merge/ 73143 /code.launchpad .net/~mhall119/ summit/ xss-vulnerabili ty-fix/ +merge/ 73091
https:/
Please feel free to do a release to get it into production immediately.