mahara-contributors team mailing list archive

Thread
Date

[Bug 802347] Re: Leaving institution and set password email not escaped for HTML

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: François Marier <francois@xxxxxxxxxx>
Date: Mon, 27 Jun 2011 05:23:25 -0000
Reply-to: Bug 802347 <802347@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

I don't think that this is a security problem, however, if it were, it
shouldn't be submitted to gerrit because that makes the vulnerability
public :)

** Visibility changed to: Public

** This bug is no longer flagged as a security vulnerability

** Changed in: mahara
       Status: In Progress => Fix Committed

** Changed in: mahara
    Milestone: None => 1.5.0

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/802347

Title:
  Leaving institution and set password email not escaped for HTML

Status in Mahara ePortfolio:
  Fix Committed

Bug description:
  The email sent when a user leaves an institution and needs to set a
  password is not escaped.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/802347/+subscriptions