Correct missing escaping in searchResults.tpl #3805
Assignees
Labels
Bug:1:Low
A bug that does not have a severe consequence or affects a small number of users.
Milestone
Comments
asmecher
added a commit
to pkp/omp
that referenced
this issue
Jun 18, 2018
asmecher
added a commit
to pkp/omp
that referenced
this issue
Jun 18, 2018
asmecher
added a commit
to pkp/omp
that referenced
this issue
Jun 18, 2018
asmecher
added a commit
to pkp/omp
that referenced
this issue
Jun 18, 2018
|
This can be corrected for OMP between 1.2.0 and 3.1.1-1 (inclusive) by applying this patch: https://github.com/pkp/omp/commit/ebf3a701708112f4973d02f26a0b1d746dcd4970.diff OMP 1.2.0 to 3.1.1-2 additionally need the following patch: For example, on most Linux systems this should work. Run it inside the OJS installation directory. You should see the following output for each of the two commands: The issue is corrected in OMP 3.1.1-3 and newer. If you're using checkouts from git, all stable branches (e.g. |
asmecher
changed the title
asmecher
added
the
Bug:1:Low
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The searchQuery template variable presents user-supplied information without proper escaping. This permits a reflected (non-persistent) XSS attack.
Instructions to patch are here: #3805 (comment)
Affects OMP between 1.2.0 and 3.1.1-2 (inclusive).
https://nvd.nist.gov/vuln/detail/CVE-2018-12588
Thanks to Metamorfosec for discovery & reporting.
The text was updated successfully, but these errors were encountered: