Fix #11240: XSS on bug_revision_view_page.php with user Real Name field

User real names aren't sanitised before display on bug_revision_view_page.php thus this leads to an XSS vulnerability.
mantisbt · Dec 1, 2009 · 71ade60 · 71ade60
1 parent 15b0752
commit 71ade60
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/bug_revision_view_page.php b/bug_revision_view_page.php
@@ -98,7 +98,7 @@ function show_revision( $t_revision ) {
 		$t_label = '';
 	}
 
-$t_by_string = sprintf( lang_get( 'revision_by' ), string_display_line( date( config_get( 'normal_date_format' ), $t_revision['timestamp'] ) ), user_get_name( $t_revision['user_id'] ) );
+$t_by_string = sprintf( lang_get( 'revision_by' ), string_display_line( date( config_get( 'normal_date_format' ), $t_revision['timestamp'] ) ), string_display_line( user_get_name( $t_revision['user_id'] ) ) );
 
 ?>
 <tr class="spacer"><td><a name="r<?php echo $t_revision['id'] ?>"></a></td></tr>