Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fixed issue #15681: LimeSurvey 3.21.1 Cross Site Scripting Stored
  • Loading branch information
lacrioque committed Dec 19, 2019
1 parent c64a589 commit a5f3178
Show file tree
Hide file tree
Showing 5 changed files with 5 additions and 4 deletions.
2 changes: 1 addition & 1 deletion application/views/admin/quotas/_newanswer_equation.php
Expand Up @@ -5,7 +5,7 @@
?>

<div class='row'>
<h2><?php echo sprintf(gT("New answer for quota '%s'"), $oQuota->name);?></h2>
<h2><?php echo sprintf(gT("New answer for quota '%s'"), htmlentities($oQuota->name));?></h2>
<p class="lead"><?php eT("Set equation value");?></p>
<div class='form-group'>
<div class='col-sm-5 col-sm-offset-4'>
Expand Down
2 changes: 1 addition & 1 deletion application/views/admin/quotas/newanswer_view.php
Expand Up @@ -13,7 +13,7 @@

<div class="jumbotron message-box">
<div class='row'>
<h2><?php echo sprintf(gT("New answer for quota '%s'"), $oQuota->name);?></h2>
<h2><?php echo sprintf(gT("New answer for quota '%s'"), htmlentities($oQuota->name));?></h2>
<p class="lead">
<?php eT("Select question");?>:
</p>
Expand Down
Expand Up @@ -24,7 +24,7 @@
data-remote-link="<?=App()->createUrl('admin/validate/', ["sa" => 'quota', 'sid'=>$oSurvey->getPrimaryKey(), 'quota'=>$oQuota->getPrimaryKey()])?>"
class="btn btn-default selector__quota_open_validation"
data-tooltip="true"
title="<?=sprintf(gT("Validation of quota %s"),$oQuota->name)?>"
title="<?=sprintf(gT("Validation of quota %s"),htmlentities($oQuota->name))?>"
data-toggel="modal"
data-target="quotaValidation"
>
Expand Down
Expand Up @@ -25,7 +25,7 @@
<span><span class="fa fa-external-link"></span> <?php echo gT('Autoload URL:').' '.htmlentities($oQuota->mainLanguagesetting->quotals_url);?></span>
<?php endif;?>
</div>
<?php echo viewHelper::flatEllipsizeText($oQuota->name) ;?>
<?php //echo htmlentities(viewHelper::flatEllipsizeText($oQuota->name)) ;?>
</div>
<table class="table table-quota-items table-striped table-condensed" >
<thead>
Expand Down
1 change: 1 addition & 0 deletions third_party/vimeo/psalm
Submodule psalm added at e551b2

2 comments on commit a5f3178

@Shnoulle
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We use Yii : why don't use it … CHtml::encode ?

@guramj
Copy link

@guramj guramj commented on a5f3178 Mar 1, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi,
Since this issue is already resolved, could you please assign CVE for this vulnerability? Also, would it be possible to disclose this vulnerability to public?
https://bugs.limesurvey.org/view.php?id=15681

Thanks!

Please sign in to comment.