Skip to content
Permalink
Browse files

Fix XSS on filter edit page (CVE-2018-14504)

Teun Beijers reported a cross-site scripting (XSS) vulnerability in
the Edit Filter page which allows execution of arbitrary code
(if CSP settings permit it) when displaying a filter with a crafted
name.

Prevent the attack by sanitizing the filter name before display.

Fixes #24608
  • Loading branch information...
atrol committed Jul 13, 2018
1 parent 4efac90 commit 8b5fa243dbf04344a55fe880135ec149fc1f439f
Showing with 1 addition and 1 deletion.
  1. +1 −1 manage_filter_edit_page.php
@@ -124,7 +124,7 @@
<div class="form-inline">
<label>
<?php echo lang_get( 'query_name' ) ?>&nbsp;
<input type="text" size="25" name="filter_name" maxlength="64" value="<?php echo filter_get_field( $f_filter_id, 'name' ) ?>">
<input type="text" size="25" name="filter_name" maxlength="64" value="<?php echo string_display_line( filter_get_field( $f_filter_id, 'name' ) ) ?>">
</label>
</div>
</div>

0 comments on commit 8b5fa24

Please sign in to comment.
You can’t perform that action at this time.