Skip to content

Commit e4a1976

Browse files
author
Mikael Falkvidd
committed
pnp/views/kohana_error_page: plug another XSS hole
By issuing the request GET pnp/$item?996fb"><script>alert(1)</script><"951e1=1 an alert is triggered in the meta refresh tag. The hole is plugged by not setting the URL of the meta refresh. The default behavior is to refresh the current page, which is what we want anyway. Change-Id: I6af0b15c929f95d651a576d46b99d2e1a88fe601 Signed-off-by: Mikael Falkvidd <mfalkvidd@op5.com>
1 parent f02ae9b commit e4a1976

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

Diff for: share/pnp/application/views/kohana_error_page.php

+1-1
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
<head>
55
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
66
<?php if(isset ( $_SERVER['REQUEST_URI'])):?>
7-
<meta http-equiv="refresh" content="60; url=<?php echo $_SERVER['REQUEST_URI'] ?>">
7+
<meta http-equiv="refresh" content="60">
88
<?php endif ?>
99
<title><?php echo $error ?></title>
1010
<?php echo html::stylesheet('media/css/common.css') ?>

0 commit comments

Comments
 (0)