Skip to content

Commit 5fe7091

Browse files
committed
SECURITY Sanitize messages passed to generated JS calls in FormResponse::status_message(), e.g. to avoid XSS on 'Successfully published <page title>' messages
1 parent 84f47f5 commit 5fe7091

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

Diff for: core/control/FormResponse.php

+2-2
Original file line numberDiff line numberDiff line change
@@ -148,8 +148,8 @@ static function get_page($id, $form = 'Form_EditForm', $uniquenessID = null) {
148148
* @param $status string
149149
*/
150150
static function status_message($message = "", $status = null) {
151-
$JS_message = Convert::raw2js($message);
152-
$JS_status = Convert::raw2js($status);
151+
$JS_message = Convert::raw2js(Convert::raw2xml($message));
152+
$JS_status = Convert::raw2js(Convert::raw2xml($status));
153153
if(isset($JS_status)) {
154154
self::$status_messages[$JS_status] = "statusMessage('{$JS_message}', '{$JS_status}');";
155155
} else {

0 commit comments

Comments
 (0)