Fix XSS in bug_actiongroup.php
Issue summary was printed on bug_actiongroup.php without being
sanitized (CVE-2018-14895).

Fixes #24647
atrol authored and dregad committed Aug 6, 2018
1 parent cf5c23f commit e819735
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion bug_actiongroup.php
@@ -353,7 +353,8 @@
$separator = lang_get( 'word_separator' );
foreach( $t_failed_ids as $t_id => $t_reason ) {
$label = sprintf( lang_get( 'label' ), string_get_bug_view_link( $t_id ) ) . $separator;
printf( "<tr><td width=\"50%%\">%s%s</td><td>%s</td></tr>\n", $label, bug_get_field( $t_id, 'summary' ), $t_reason );
$t_summary = string_display_line( bug_get_field( $t_id, 'summary' ) );
printf( "<tr><td width=\"50%%\">%s%s</td><td>%s</td></tr>\n", $label, $t_summary, $t_reason );
}
echo '</div>';
echo '</table><br />';
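Review bot: the fix escapes only the summary; in the same printf on the added line, `$t_reason` is still emitted through a bare `%s`, and nothing in this hunk shows where it is built or whether it is already escaped. Since this is the same output path the CVE is about, either confirm at the point where `$t_failed_ids` is populated that every `$t_reason` is pre-escaped, or pass it through `string_display_line()` here too, as is now done for the summary. Minor: `$label` on the unchanged line is built from `string_get_bug_view_link()`, which is expected to return HTML, so it should stay unescaped; a short comment saying which of the three values are raw and which are already markup would make the intent clear to the next reader.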
