Sanitize private message title
This fixes an XSS vulnerability.

Refs #3002
Yorwba committed Oct 30, 2022
1 parent d0c5e23 commit 9111077
Showing 3 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion src/Template/Email/html/new_private_message.ctp
Expand Up @@ -2,7 +2,7 @@
echo $this->Html->tag("p", "You have received a private message from <strong>$sender</strong>.");

echo $this->Html->div(null,
"<strong>Title:</strong> $title",
"<strong>Title:</strong> ".h($title),
array('style' => 'background:#666666;color:#ffffff;padding:10px;')
);
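Review bot: the same unescaped interpolation remains one line above the change, where `$sender` is inserted into `"You have received a private message from <strong>$sender</strong>."` without `h()`; if the sender name is user-controlled it needs the same treatment as `$title`, so consider `h($sender)` there as well (or confirm it is escaped before reaching the template). Wrapping `$title` in `h()` at output time is the right place for the escape; just make sure no other email template builds its text from message fields the same way.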

2 changes: 1 addition & 1 deletion src/Template/PrivateMessages/folder.ctp
Expand Up @@ -138,7 +138,7 @@ $this->set('title_for_layout', $this->Pages->formatTitle(
<md-list-item class="md-2-line <?= $unread ?>" href="<?= $url ?>">
<?= $this->Members->image($user, array('class' => 'md-avatar')); ?>
<div class="md-list-item-text" layout="column">
<h3><?= $this->safeForAngular($messageTitle) ?></h3>
<h3><?= h($this->safeForAngular($messageTitle)) ?></h3>
<p>
<?php
echo $label;
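Review bot: the composition order `h($this->safeForAngular($messageTitle))` deserves a second look: `h()` runs last, so any markup or entity that `safeForAngular()` itself emits to neutralize Angular interpolation will also be HTML-escaped and shown literally. If `safeForAngular()` only replaces or strips characters this is fine; if it inserts markup, escape first and then apply `safeForAngular()` to the escaped string. A short comment at the call site stating which order is intended would prevent the next edit from swapping them.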
2 changes: 1 addition & 1 deletion src/Template/PrivateMessages/show.ctp
Expand Up @@ -54,7 +54,7 @@ $this->set('title_for_layout', $this->Pages->formatTitle(
<md-toolbar class="md-hue-1">
<div class="md-toolbar-tools">
<h2 flex>
<?= $this->safeForAngular($message->title) ?>
<?= h($this->safeForAngular($message->title)) ?>
</h2>
</div>
</md-toolbar>
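Review bot: this is the second call site that now pairs `h()` with `safeForAngular()` on a message title (the other is `folder.ctp` in this commit), and the fix depends on every template remembering both calls. Consider moving the escaping into one helper (for example having `safeForAngular()` return an already escaped string, or adding a single title-rendering helper) so that the next view showing `$message->title` cannot omit the `h()`. A view test that renders a title containing an HTML tag and asserts it appears escaped in the output would also lock the fix in.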
