Permalink
Browse files

system_certmanager, xss with crafted cert. for #1964

  • Loading branch information...
AdSchellevis committed Nov 28, 2017
1 parent 2b94b66 commit 1219f2f1db708f089cb5f4d41a70b0717750b11e
Showing with 4 additions and 0 deletions.
  1. +4 −0 src/www/system_certmanager.php
@@ -504,6 +504,9 @@ function () {
}
legacy_html_escape_form_data($pconfig);
legacy_html_escape_form_data($a_ca);
legacy_html_escape_form_data($a_cert);
include("head.inc");
if (empty($act)) {
@@ -643,6 +646,7 @@ function internalca_change() {
continue;
}
$subject = cert_get_subject_array($ca['crt']);
legacy_html_escape_form_data($subject);
$subject_items = array('C'=>'', 'ST' => '', 'L' => '', 'O' => '', 'emailAddress' => '', 'CN' => '');
foreach ($subject as $subject_item) {
$subject_items[$subject_item['a']] = $subject_item['v'];

0 comments on commit 1219f2f

Please sign in to comment.