View Issue Details

Field | Value |
---|---|
ID | 0012309 |
Project | mantisbt |
Category | security |
View Status | public |
Date Submitted | 2010-08-30 02:55 |
Last Update | 2011-08-02 12:35 |
Reporter | atrol |
Assigned To | dhx |
Priority | high |
Severity | major |
Reproducibility | always |
Status | closed |
Resolution | fixed |
Product Version | 1.2.2 |
Target Version | 1.2.3 |
Fixed in Version | 1.2.3 |
Summary | 0012309: XSS issues when viewing Summary page |
Description | Scripting code entered in the summary field might be executed when displaying the Summary page |
Steps To Reproduce | |
Tags | No tags attached. |

Attached Files: issue12309.patch (1,154 bytes)
From e789c340dd658d54276202353fe7bf6d142d5b4c Mon Sep 17 00:00:00 2001 From: Roland Becker <roland@atrol.de> Date: Thu, 2 Sep 2010 10:33:35 +0200 Subject: [PATCH] Fix #12309: XSS issues when viewing Summary page --- core/summary_api.php | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/core/summary_api.php b/core/summary_api.php index c58a678..4950f4a 100644 --- a/core/summary_api.php +++ b/core/summary_api.php @@ -333,7 +333,7 @@ function summary_print_by_activity() { foreach( $t_summarydata as $row ) { $t_bugid = string_get_bug_view_link( $row['id'] ); - $t_summary = string_html_specialchars( $row['summary'] ); + $t_summary = string_display_line( $row['summary'] ); $t_notescount = $row['count']; print "<tr " . helper_alternate_class() . ">\n"; @@ -377,7 +377,7 @@ function summary_print_by_age() { } $t_bugid = string_get_bug_view_link( $row['id'] ); - $t_summary = $row['summary']; + $t_summary = string_display_line( $row['summary'] ); $t_days_open = intval(( time() - $row['date_submitted'] ) / SECONDS_PER_DAY ); print "<tr " . helper_alternate_class() . ">\n"; -- 1.7.2.2 | ||||
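Review bot: In the summary_print_by_activity() hunk (@@ -333) the replaced line already escaped the value with string_html_specialchars(), so `- $t_summary = string_html_specialchars( $row['summary'] );` / `+ $t_summary = string_display_line( $row['summary'] );` is a switch to the helper the rest of the page uses, not the fix for the reported XSS; say so in the commit message so a backport that cherry-picks a single hunk takes the right one. The two helpers are not interchangeable by name alone (the thread below asks for string_display_line() specifically), so confirm that whatever extra processing it applies is wanted in this table cell.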
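Review bot: The summary_print_by_age() hunk (@@ -377) is the actual defect: `- $t_summary = $row['summary'];` went into the row emitted by the following `print "<tr " . helper_alternate_class() . ">\n";` with no escaping at all, so any markup stored in a summary rendered live; wrapping it in string_display_line() at the point of output is the right fix. Since the sibling by-activity function escaped the same column and this one did not, the helper was evidently applied inconsistently: suggest checking the other summary_print_* functions in core/summary_api.php for `$row['summary']` (and other free-text columns) assigned without a helper before closing the issue.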
Reminder sent to: dhx, jreese
Please have a look at the patch and, if it's OK, let it become part of the next version.

Good find, thanks atrol. The only comment I have is that I think we should be using string_display_line() instead of string_html_specialchars() for sanitising the summary. I can fix that up in your patch when I commit it.

I changed it the same way as it's done for the list of most active issues.

Updated patch to use string_display_line().

Thanks Roland, I've committed it at long last. Sorry for the delay!

That was your first patch? Congratulations! :)

It's the second, first was 0012217 :)

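The defect reported in this issue and the shape of the agreed fix, as an added example that is not MantisBT code: a stored issue summary concatenated into an HTML table row unescaped, beside the form that escapes at the point of output. The function names (escape_single_line, render_summary_row_unsafe, render_summary_row_safe, row_has_raw_user_markup) are hypothetical stand-ins and are not MantisBT's string_display_line() or anything from summary_api.php; the sample summary is constructed.

```php
<?php
// Added example, not MantisBT code. It reproduces the shape of the defect
// in this issue (a stored summary concatenated into an HTML row without
// escaping) next to the output-escaped form. Helper names are hypothetical
// stand-ins, not MantisBT's string_display_line().

/**
 * Escape a single-line, user-supplied value for insertion into HTML.
 * ENT_QUOTES escapes both quote styles so the result is also safe inside
 * attribute values; the explicit charset prevents mis-decoding of input.
 */
function escape_single_line( $p_string ) {
    // A summary is one line; collapse line breaks so a value cannot
    // split the row across lines in the rendered table.
    $t_string = str_replace( array( "\r", "\n" ), ' ', (string)$p_string );
    return htmlspecialchars( $t_string, ENT_QUOTES, 'UTF-8' );
}

/** Vulnerable form: the stored summary goes into the row as-is. */
function render_summary_row_unsafe( $p_bug_id, $p_summary ) {
    return '<tr><td>' . (int)$p_bug_id . '</td><td>' . $p_summary . "</td></tr>\n";
}

/** Fixed form: the summary is escaped at the point of output. */
function render_summary_row_safe( $p_bug_id, $p_summary ) {
    return '<tr><td>' . (int)$p_bug_id . '</td><td>'
        . escape_single_line( $p_summary ) . "</td></tr>\n";
}

/**
 * Check that no tag from the input survived. After removing the fixed
 * table skeleton, any remaining '<' means user-controlled markup got through.
 */
function row_has_raw_user_markup( $p_row_html ) {
    $t_skeleton = array( '<tr>', '</tr>', '<td>', '</td>' );
    $t_rest = str_replace( $t_skeleton, '', $p_row_html );
    return strpos( $t_rest, '<' ) !== false;
}

// Constructed sample: a summary carrying markup, as a user could store it.
$t_summary = 'Login page broken <script>alert(1)</script>';

$t_unsafe_row = render_summary_row_unsafe( 12309, $t_summary );
$t_safe_row   = render_summary_row_safe( 12309, $t_summary );

echo $t_unsafe_row;
echo $t_safe_row;

echo 'unsafe row leaks markup: '
    . ( row_has_raw_user_markup( $t_unsafe_row ) ? 'yes' : 'no' ) . "\n";
echo 'safe row leaks markup:   '
    . ( row_has_raw_user_markup( $t_safe_row ) ? 'yes' : 'no' ) . "\n";
```

Run it with `php` on the command line; the leak check is the kind of assertion worth wrapping around every summary_print_* function's output in a regression test, since the by-activity and by-age lists in this issue escaped the same column inconsistently.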
MantisBT: master-1.2.x 085097fc 2010-09-02 04:33 Committer: dhx
Fix 0012309: XSS issues when viewing Summary page
Signed-off-by: David Hicks <hickseydr@optusnet.com.au>
Affected Issues: 0012309
mod - core/summary_api.php

MantisBT: master 61e90d06 2010-09-02 04:33 Committer: dhx
Fix 0012309: XSS issues when viewing Summary page
Signed-off-by: David Hicks <hickseydr@optusnet.com.au>
Affected Issues: 0012309
mod - core/summary_api.php