Project and Project issue tracking XSS
Several fields are not passed through checkplain on display. A malicious user could use these fields to insert and execute XSS Cross Site Scripting. This may lead to administrator access if certain conditions are met. Additionally, certain error messages are generated that include potentially...