[TS] LPS-73087 Reflected XSS in Sign In

modules/apps/collaboration/social/.gitrepo

@@ -4,8 +4,8 @@
 [subrepo]
 	autopull = false
 	cmdver = liferay
-	commit = 5761d8e72aac7477ce3a5b5c292939c23ad6519d
+	commit = 8501bf9cebcb7807cd679e1e9eb995d13ab9fc2f
 	mergebuttonmergecommits = false
 	mode = push
-	parent = 662c325ab4524c3ca8d5d883362f9710a22bb46a
+	parent = 6dc1eb45d4f1f014f4f3f19904e781b4a26b7aa5
 	remote = git@github.com:liferay/com-liferay-social.git

modules/apps/foundation/frontend-editor/.gitrepo

@@ -4,8 +4,8 @@
 [subrepo]
 	autopull = false
 	cmdver = liferay
-	commit = e53a6a81a468aa33496444a45bdbb87eaebe52f6
+	commit = 6e3c72ca4bc2a7b42f284b68f20b36ce46d01b45
 	mergebuttonmergecommits = false
 	mode = push
-	parent = 30cec7f6d0d5c19b9b17f523706c8f9cb441181d
+	parent = 6b53bbde5d7d7ecc6f15ff4ab0bb79a9fb2b8f1e
 	remote = git@github.com:liferay/com-liferay-frontend-editor.git

modules/apps/foundation/login/.gitrepo

@@ -4,8 +4,8 @@
 [subrepo]
 	autopull = false
 	cmdver = liferay
-	commit = d49e3da86fc283659dbf6ad292846acca19029f3
+	commit = 4c6113a2574d3be19cae1b64ede320b5b4700755
 	mergebuttonmergecommits = false
 	mode = push
-	parent = deb6736f26df27c1af4a516927b7ef7203bf47ab
+	parent = 0fccb247e40181dfc8651f31bb70fd5b3bb11ed1
 	remote = git@github.com:liferay/com-liferay-login.git

modules/apps/foundation/login/login-authentication-openid-connect-web/src/main/resources/META-INF/resources/com.liferay.login.web/openid_connect.jsp

@@ -31,7 +31,7 @@
 		for (String openIdConnectProviderName : openIdConnectProviderNames) {
 		%>
 
-			<aui:option label="<%= HtmlUtil.escape(openIdConnectProviderName) %>" value="<%= openIdConnectProviderName %>" />
+			<aui:option label="<%= HtmlUtil.escape(openIdConnectProviderName) %>" value="<%= HtmlUtil.escapeAttribute(openIdConnectProviderName) %>" />
 
 		<%
 		}

modules/apps/foundation/login/login-web/src/main/resources/META-INF/resources/create_account.jsp

@@ -96,7 +96,7 @@ birthdayCalendar.set(Calendar.YEAR, 1970);
 		UserPasswordException.MustComplyWithRegex upe = (UserPasswordException.MustComplyWithRegex)errorException;
 		%>
 
-		<liferay-ui:message arguments="<%= upe.regex %>" key="that-password-does-not-comply-with-the-regular-expression" translateArguments="<%= false %>" />
+		<liferay-ui:message arguments="<%= HtmlUtil.escape(upe.regex) %>" key="that-password-does-not-comply-with-the-regular-expression" translateArguments="<%= false %>" />
 	</liferay-ui:error>
 
 	<liferay-ui:error exception="<%= UserPasswordException.MustMatch.class %>" message="the-passwords-you-entered-do-not-match" />

modules/apps/foundation/login/login-web/src/main/resources/META-INF/resources/forgot_password.jsp

@@ -39,7 +39,7 @@ if (reminderAttempts == null) {
 
 	<liferay-ui:error exception="<%= CaptchaConfigurationException.class %>" message="a-captcha-error-occurred-please-contact-an-administrator" />
 	<liferay-ui:error exception="<%= CaptchaTextException.class %>" message="text-verification-failed" />
-	<liferay-ui:error exception="<%= NoSuchUserException.class %>" message='<%= "the-" + TextFormatter.format(authType, TextFormatter.K) + "-you-requested-is-not-registered-in-our-database" %>' />
+	<liferay-ui:error exception="<%= NoSuchUserException.class %>" message='<%= "the-" + TextFormatter.format(HtmlUtil.escape(authType), TextFormatter.K) + "-you-requested-is-not-registered-in-our-database" %>' />
 	<liferay-ui:error exception="<%= RequiredReminderQueryException.class %>" message="you-have-not-configured-a-reminder-query" />
 	<liferay-ui:error exception="<%= SendPasswordException.MustBeEnabled.class %>" message="password-recovery-is-disabled" />
 	<liferay-ui:error exception="<%= UserActiveException.class %>" message="your-account-is-not-active" />
@@ -133,7 +133,7 @@ if (reminderAttempts == null) {
 					%>
 
 					<div class="alert alert-info">
-						<liferay-ui:message arguments="<%= login %>" key="a-new-password-will-be-sent-to-x-if-you-can-correctly-answer-the-following-question" translateArguments="<%= false %>" />
+						<liferay-ui:message arguments="<%= HtmlUtil.escape(login) %>" key="a-new-password-will-be-sent-to-x-if-you-can-correctly-answer-the-following-question" translateArguments="<%= false %>" />
 					</div>
 
 					<aui:input autoFocus="<%= true %>" label="<%= HtmlUtil.escape(LanguageUtil.get(request, user2.getReminderQueryQuestion())) %>" name="answer" type="text" />

modules/apps/foundation/login/login-web/src/main/resources/META-INF/resources/login.jsp

@@ -84,16 +84,16 @@
 									<liferay-ui:message key="thank-you-for-creating-an-account" />
 
 									<c:if test="<%= company.isStrangersVerify() %>">
-										<liferay-ui:message arguments="<%= userEmailAddress %>" key="your-email-verification-code-was-sent-to-x" translateArguments="<%= false %>" />
+										<liferay-ui:message arguments="<%= HtmlUtil.escape(userEmailAddress) %>" key="your-email-verification-code-was-sent-to-x" translateArguments="<%= false %>" />
 									</c:if>
 								</c:when>
 								<c:otherwise>
-									<liferay-ui:message arguments="<%= userPassword %>" key="thank-you-for-creating-an-account.-your-password-is-x" translateArguments="<%= false %>" />
+									<liferay-ui:message arguments="<%= HtmlUtil.escape(userPassword) %>" key="thank-you-for-creating-an-account.-your-password-is-x" translateArguments="<%= false %>" />
 								</c:otherwise>
 							</c:choose>
 
 							<c:if test="<%= PrefsPropsUtil.getBoolean(company.getCompanyId(), PropsKeys.ADMIN_EMAIL_USER_ADDED_ENABLED) %>">
-								<liferay-ui:message arguments="<%= userEmailAddress %>" key="your-password-was-sent-to-x" translateArguments="<%= false %>" />
+								<liferay-ui:message arguments="<%= HtmlUtil.escape(userEmailAddress) %>" key="your-password-was-sent-to-x" translateArguments="<%= false %>" />
 							</c:if>
 						</div>
 					</c:when>
@@ -104,7 +104,7 @@
 						%>
 
 						<div class="alert alert-success">
-							<liferay-ui:message arguments="<%= userEmailAddress %>" key="thank-you-for-creating-an-account.-you-will-be-notified-via-email-at-x-when-your-account-has-been-approved" translateArguments="<%= false %>" />
+							<liferay-ui:message arguments="<%= HtmlUtil.escape(userEmailAddress) %>" key="thank-you-for-creating-an-account.-you-will-be-notified-via-email-at-x-when-your-account-has-been-approved" translateArguments="<%= false %>" />
 						</div>
 					</c:when>
 				</c:choose>

modules/apps/foundation/login/login-web/src/main/resources/META-INF/resources/update_account.jsp

@@ -92,7 +92,7 @@ String jobTitle = BeanParamUtil.getString(selUser, request, "jobTitle");
 	</aui:form>
 
 	<div class="alert alert-warning">
-		<liferay-ui:message arguments="<%= emailAddress %>" key="an-account-with-x-as-the-email-address-already-exists-in-the-portal.-do-you-want-to-associate-this-activity-with-that-account" translateArguments="<%= false %>" />
+		<liferay-ui:message arguments="<%= HtmlUtil.escape(emailAddress) %>" key="an-account-with-x-as-the-email-address-already-exists-in-the-portal.-do-you-want-to-associate-this-activity-with-that-account" translateArguments="<%= false %>" />
 	</div>
 
 	<aui:button name="updateUser" onClick='<%= renderResponse.getNamespace() + "updateUser();" %>' value="associate-account" />

modules/apps/foundation/petra/.gitrepo

@@ -4,8 +4,8 @@
 [subrepo]
 	autopull = false
 	cmdver = liferay
-	commit = 4077bc7d084e49d0339151c0f00a93445e4d2729
+	commit = d3a68ddb924cd94ede5e2e1460e89af9a43ddd59
 	mergebuttonmergecommits = false
 	mode = push
-	parent = 6b7677eda81b03d78406b55ad7720eb677545ccb
+	parent = cffde3dc4f06e65bb7bc000a7265ee046582034a
 	remote = git@github.com:liferay/com-liferay-petra.git