Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fixed h1 report 819362
  • Loading branch information
mbeccati committed Jan 19, 2021
1 parent 2980cca commit 89b88ce
Show file tree
Hide file tree
Showing 4 changed files with 11 additions and 7 deletions.
4 changes: 4 additions & 0 deletions RELEASE_NOTES.txt
Expand Up @@ -30,6 +30,10 @@ What's New in Revive Adserver 5.1.0
(cl.php): it uses regular query string parameters and HMAC SHA256 signature
to ensure the destination url is not tampered with.

* Fixed a persistent XSS vulnerability caused by missing HTML escaping
when displaying the website URL in the affiliate-preview.php tag
generation page.


New Features
------------
Expand Down
Expand Up @@ -4,13 +4,13 @@
<plugin>
<name>openXInvocationTags</name>
<displayName>Invocation Tags Plugin</displayName>
<creationDate>2020-12-27</creationDate>
<creationDate>2021-01-19</creationDate>
<author>Revive Adserver</author>
<authorEmail>revive@revive-adserver.com</authorEmail>
<authorUrl>http://www.revive-adserver.com</authorUrl>
<license>LICENSE.txt</license>
<description>Plugin that provides invocation tags.</description>
<version>1.5.2</version>
<version>1.5.3</version>
<type>package</type>

<install>
Expand Down
Expand Up @@ -4,13 +4,13 @@
<plugin>
<name>oxInvocationTags</name>
<displayName>Invocation Tags Plugin</displayName>
<creationDate>2020-12-27</creationDate>
<creationDate>2021-01-19</creationDate>
<author>Revive Adserver</author>
<authorEmail>revive@revive-adserver.com</authorEmail>
<authorUrl>http://www.revive-adserver.com</authorUrl>
<license>LICENSE.txt</license>
<description>Plugin that provides invocation tags for displaying banners on websites.</description>
<version>1.5.2</version>
<version>1.5.3</version>
<oxversion>3.2.0-beta-rc3</oxversion>
<extends>invocationTags</extends>

Expand Down
Expand Up @@ -266,9 +266,9 @@ function selectElement() {
Header script
</h2>
<p>
Insert the following script at the top of every page on the {$affiliate['website']} website. This code
belongs between the <code>&lt;head&gt;</code> and <code>&lt;/head&gt;</code> tags, before any ad scripts
on the page:
Insert the following script at the top of every page on the <strong>
".htmlspecialchars($affiliate['website'])."</strong> website. This code belongs between the
<code>&lt;head&gt;</code> and <code>&lt;/head&gt;</code> tags, before any ad scripts on the page:
</p>
<pre>". htmlspecialchars($codeblock) ."</pre>
Expand Down

0 comments on commit 89b88ce

Please sign in to comment.