Skip to content

Commit ab07a1b

Browse files
committed
[jan] SECURITY: Fix XSS vulnerability in menu bar exposed by only a few applications (Bug #14213).
1 parent 4e064a9 commit ab07a1b

File tree

3 files changed

+5
-3
lines changed

3 files changed

+5
-3
lines changed

Diff for: horde/docs/CHANGES

+2
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,8 @@
22
v5.2.9-git
33
----------
44

5+
[jan] SECURITY: Fix XSS vulnerability in menu bar exposed by only a few
6+
applications (Bug #14213).
57

68

79
------

Diff for: horde/package.xml

+2-2
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@
3939
</stability>
4040
<license uri="http://www.horde.org/licenses/lgpl">LGPL-2</license>
4141
<notes>
42-
*
42+
* [jan] SECURITY: Fix XSS vulnerability in menu bar exposed by only a few applications (Bug #14213).
4343
</notes>
4444
<contents>
4545
<dir baseinstalldir="/" name="/">
@@ -4074,7 +4074,7 @@
40744074
<date>2015-10-20</date>
40754075
<license uri="http://www.horde.org/licenses/lgpl">LGPL-2</license>
40764076
<notes>
4077-
*
4077+
* [jan] SECURITY: Fix XSS vulnerability in menu bar exposed by only a few applications (Bug #14213).
40784078
</notes>
40794079
</release>
40804080
</changelog>

Diff for: horde/templates/topbar/_menubar.html.php

+1-1
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@
2323
<input autocomplete="off" id="horde-search-input" type="text" />
2424
</div>
2525
<?php else: ?>
26-
<input type="text" id="horde-search-input" name="searchfield" class="formGhost" title="<?php echo $this->searchLabel ?>" />
26+
<input type="text" id="horde-search-input" name="searchfield" class="formGhost" title="<?php echo $this->h($this->searchLabel) ?>" />
2727
<?php endif ?>
2828
<input type="image" id="horde-search-icon" src="<?php echo $this->searchIcon ?>" />
2929
</form>

0 commit comments

Comments
 (0)