Fix XSS in filter_form_draw_inputs() (CVE-2018-13055)

Ömer Çıtak, Security Researcher at Netsparker, reported this
vulnerability, allowing remote attackers to inject arbitrary code
(if CSP settings permit it) through a crafted PATH_INFO on
view_filters_page.php.

Prevent the attack by sanitizing the output of $_SERVER['PHP_SELF']
before display.

Fixes #24580
dregad authored and atrol committed Jul 4, 2018
1 parent ee30e00 commit 4efac90ed89a5c009108b641e2e95683791a165a
Showing with 1 addition and 0 deletions.
  1. +1 −0 core/filter_form_api.php
@@ -2394,6 +2394,7 @@ function filter_form_draw_inputs( $p_filter, $p_for_screen = true, $p_static = f
if( null === $p_static_fallback_page ) {
$p_static_fallback_page = $_SERVER['PHP_SELF'];
$p_static_fallback_page = string_sanitize_url( $_SERVER['PHP_SELF'] );
}
$t_filters_url = $p_static_fallback_page;
$t_get_params = $_GET;
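
Review bot: the sanitization only covers the default branch of the `if( null === $p_static_fallback_page )` guard; a caller that passes its own `$p_static_fallback_page` has it flow into `$t_filters_url` unchanged, so either apply `string_sanitize_url()` to `$p_static_fallback_page` after the `if` block (e.g. `$t_filters_url = string_sanitize_url( $p_static_fallback_page );`) or document in the function's docblock that callers must supply an already sanitized URL. Since the commit message attributes the injection to a crafted PATH_INFO, `$_SERVER['SCRIPT_NAME']`, which does not carry PATH_INFO, would also be a safer default than `PHP_SELF` here, and a one-line comment above the assignment stating why the sanitization is required (CVE-2018-13055) would help future readers.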
