Fixed bug #15733: Admin Panel is susceptible to XSS (thanks to Helmut…

… Hummel) git-svn-id: https://svn.typo3.org/TYPO3v4/Core/branches/TYPO3_4-2@8973 709f56b5-9817-0410-a4d7-c38de5d9e867
TYPO3 · Oct 6, 2010 · 893ca75 · 893ca75
1 parent 031e524
commit 893ca75
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 2 deletions.
diff --git a/ChangeLog b/ChangeLog
@@ -4,6 +4,7 @@
 	* Fixed bug #15461: RemoveXSS exposes XSS vulnerability for double encoded characters (thanks to Marcus Krause)
 	* Fixed bug #15728: Extension Manager allows to download arbitrary files beyond PATH_site or rootpath (thanks to Marcus Krause)
 	* Fixed bug #15729: Sysext setup's user simulation is susceptible to XSS (thanks to Marcus Krause)
+	* Fixed bug #15733: Admin Panel is susceptible to XSS (thanks to Helmut Hummel)
 
 2010-09-24  Steffen Gebert  <steffen@steffen-gebert.de>
 

diff --git a/t3lib/class.t3lib_tsfebeuserauth.php b/t3lib/class.t3lib_tsfebeuserauth.php
@@ -185,7 +185,7 @@ function extPrintFeAdminDialog()	{
 				if (is_array($v)) {
 					$query.= $this->extPrintFeAdminDialogHiddenFields($k,$v);
 				} else {
-					$query.= '<input type="hidden" name="'.$k.'" value="'.htmlspecialchars($v).'">'.chr(10);
+					$query .= '<input type="hidden" name="' . htmlspecialchars($k) . '" value="' . htmlspecialchars($v) . '">' . chr(10);
 				}
 			}
 		}
@@ -253,7 +253,7 @@ function extPrintFeAdminDialogHiddenFields($key,&$val)	{
 			if (is_array($v))	{
 				$out.= $this->extPrintFeAdminDialogHiddenFields($key.'['.$k.']',$v);
 			} else {
-				$out.= '<input type="hidden" name="'.$key.'['.$k.']" value="'.htmlspecialchars($v).'">'.chr(10);
+				$out.= '<input type="hidden" name="' . htmlspecialchars($key) . '[' . htmlspecialchars($k) . ']" value="' . htmlspecialchars($v) . '">' . chr(10);
 			}
 		}
 		return $out;