MantisBT: master-1.3.x 034cd07b

Author: dregad
Committer: dregad
Branch: master-1.3.x
Timestamp: 2017-03-17 05:20
Parent: master-1.3.x c1d3abba
Affected Issues  0022537: CVE-2017-6973: XSS in adm_config_report.php
Changeset

Fix XSS in adm_config_report.php's action parameter

Yelin and Zhangdongsheng from VenusTech http://www.venustech.com.cn/
reported a vulnerability in the Configuration Report page, allowing an
attacker to inject arbitrary code through a crafted 'action' parameter.

Define a new set of constants (MANAGE_CONFIGACTION*) replacing the
hardcoded strings used in adm_config_report.php and adm_config_set.php.

Sanitize the 'action' parameter to ensure it is only set to one of the
allowed values.

Fixes 0022537

mod - adm_config_report.php
mod - adm_config_set.php
mod - core/constant_inc.php
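An added example (not MantisBT's code) of the allowlist approach the commit message describes: an untrusted 'action' request value is constrained to a fixed set of constants before it is used, with the unchecked pattern shown alongside for contrast. The constant names, the hidden-field markup and the function names are assumptions for illustration.

```php
<?php
// Added example, not MantisBT's code: allowlist validation of a request
// 'action' parameter. Constant names and markup are assumed for illustration.
const CONFIG_ACTION_VIEW   = 'view';
const CONFIG_ACTION_CREATE = 'create';
const CONFIG_ACTION_EDIT   = 'edit';
const CONFIG_ACTION_CLONE  = 'clone';

// Every value the page is allowed to act on; anything else is rejected.
const CONFIG_ACTIONS = array(
	CONFIG_ACTION_VIEW, CONFIG_ACTION_CREATE, CONFIG_ACTION_EDIT, CONFIG_ACTION_CLONE,
);

/**
 * Map an untrusted request value to an allowed action, or to the default.
 * The strict in_array() avoids loose-comparison surprises (e.g. 0 == 'view').
 */
function sanitize_config_action( $p_raw, $p_default = CONFIG_ACTION_VIEW ) {
	if( !is_string( $p_raw ) || !in_array( $p_raw, CONFIG_ACTIONS, true ) ) {
		return $p_default;
	}
	return $p_raw;
}

// Vulnerable pattern: the request value is echoed into markup unchecked,
// so any markup characters it carries end up in the page (reflected XSS).
function render_action_field_unsafe( $p_raw ) {
	return '<input type="hidden" name="action" value="' . $p_raw . '" />';
}

// Hardened pattern: constrain to the allowlist first, then escape on output.
// Both steps matter: the allowlist limits what the value can be, and the
// escaping protects the output context even if the allowlist is relaxed later.
function render_action_field_safe( $p_raw ) {
	$t_action = sanitize_config_action( $p_raw );
	return '<input type="hidden" name="action" value="'
		. htmlspecialchars( $t_action, ENT_QUOTES, 'UTF-8' ) . '" />';
}

// Constructed inputs: a valid action, a value carrying markup characters,
// an empty string, and a non-string (e.g. action[]=edit in the query string).
$t_inputs = array( 'edit', 'edit<b>', '', array( 'edit' ) );
foreach( $t_inputs as $t_raw ) {
	$t_shown = is_array( $t_raw ) ? 'array' : var_export( $t_raw, true );
	echo $t_shown, ' -> ', sanitize_config_action( $t_raw ), "\n";
	echo '  ', render_action_field_safe( $t_raw ), "\n";
}
```

Only the exact constant values survive; a value with markup characters, an empty string or an array all fall back to the default action instead of reaching the markup.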