Bug #1496
Moderator actions escaped twice
| Status: | Closed | Start date: | 03/13/2011 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | Josh M. | % Done: | 100% |
|
| Category: | Moderation | |||
| Target version: | 1.6.7 | |||
| Reproducibility: | Always | Database Type: | ||
| Reported In MyBB Version: | 1.6.1 | Database Version: | ||
| PHP Version: | SQA assignments: | Nathan Malcolm | ||
| Browser: |
Description
Moderator actions get excaped twice. & is shown as & in the ACP and MCP.
Associated revisions
Fixes Moderator actions escaped twice (fixes #1496)
History
#1 Updated by Spencer Swords about 1 year ago
- Status changed from New to Confirmed
- SQA assignments set to Spencer
#2 Updated by Josh M. about 1 year ago
- Assignee set to Josh M.
- Target version set to 1.6.3
#3 Updated by Josh M. about 1 year ago
- Status changed from Confirmed to Resolved
#4 Updated by Spencer Swords about 1 year ago
- Status changed from Resolved to Closed
#5 Updated by Tom Moore about 1 year ago
- Target version changed from 1.6.3 to 1.6.4
#6 Updated by Alan Shepperson 3 months ago
- Status changed from Closed to Feedback
This was fixed in 1.6.4 but it's present again in 1.6.6 (not tested in 1.6.5)
#7 Updated by Nathan Malcolm 3 months ago
- SQA assignments changed from Spencer to Nathan Malcolm
This is the commit which caused the XSS vulnerability in 1.6.5. Careful not to make the same changes as in r5418.
#8 Updated by Tom Moore 3 months ago
- Target version changed from 1.6.4 to 1.6.7
Not much we can do for existing mod log entries. Only seems to affect reputation removal too, or are there other places?
#9 Updated by Tom Moore 3 months ago
- Status changed from Feedback to Resolved
- % Done changed from 0 to 100
Applied in changeset r5750.
#10 Updated by Nathan Malcolm 3 months ago
- Status changed from Resolved to Closed
I believe this only affects reputation removal. I've performed a search but cannot find any other instances where this issue occurs.