From: Glenn H. <thr...@us...> - 2006-01-08 14:18:31
Update of /cvsroot/mantisbt/mantisbt
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv22231
Modified Files: query_store.php query_store_page.php
Log Message: fix for 0006570: XSS Vulnerability in saved queries (TKADV2005-11-002)
Index: query_store_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/query_store_page.php,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- query_store_page.php 12 Feb 2005 20:01:07 -0000 1.6
+++ query_store_page.php 8 Jan 2006 14:18:23 -0000 1.7
@@ -38,7 +38,7 @@
 }
 # Check for an error
- $t_error_msg = gpc_get_string( 'error_msg', null );
+ $t_error_msg = string_strip_tags( gpc_get_string( 'error_msg', null ) );
 if ( $t_error_msg != null ) {
 print "<br />$t_error_msg<br /><br />";
 }
Index: query_store.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/query_store.php,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- query_store.php 12 Feb 2005 20:01:07 -0000 1.4
+++ query_store.php 8 Jan 2006 14:18:23 -0000 1.5
@@ -19,7 +19,7 @@
 auth_ensure_user_authenticated();
 compress_enable();
- $f_query_name = gpc_get_string( 'query_name' );
+ $f_query_name = string_strip_tags( gpc_get_string( 'query_name' ) );
 $f_is_public = gpc_get_bool( 'is_public' );
 $f_all_projects = gpc_get_bool( 'all_projects' );
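Review bot: The new string_strip_tags() call in query_store_page.php sanitizes error_msg on input, but the request-supplied value is still interpolated raw into markup two lines later in `print "<br />$t_error_msg<br /><br />";`, and tag stripping does not neutralize everything that is meaningful in HTML, so the robust fix is to encode at the output site, e.g. `print '<br />' . htmlspecialchars( $t_error_msg ) . '<br /><br />';` (or the project's own display helper, if one is preferred). It is also worth confirming that string_strip_tags() tolerates the null default that gpc_get_string() returns when error_msg is absent, since the `!= null` check afterwards relies on that value passing through unchanged. The same input-side stripping is applied to query_name in the query_store.php hunk below; wherever saved query names are rendered later (outside this diff) should escape as well rather than rely on the stored value being clean. The enclosing block of query_store_page.php continues outside the hunk.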
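Review bot: Stripping tags from query_name in query_store.php before it is persisted alters the stored data rather than how it is displayed: a name consisting only of angle-bracketed text collapses to an empty string, and a legitimate `<` or `>` in a name is silently dropped. Whatever check rejects an empty query name should therefore run on the stripped value, e.g. `if ( trim( $f_query_name ) == '' ) { /* reject */ }`, and a one-line comment such as `# tags are stripped here because the stored name is echoed into HTML elsewhere` would record why input-side sanitizing was chosen over output encoding. The later validation and storage of $f_query_name are outside this hunk, so I cannot tell from the diff whether they operate on the stripped value.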