
Commit 46e3d3a

committed
Fix possible XSS attack due to user's real name not being escaped
1 parent ae541df commit 46e3d3a

1 file changed

+6
-6
lines changed


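--- a/useradmin/user-lib.pl
+++ b/useradmin/user-lib.pl
@@ -2316,11 +2316,11 @@ sub users_table
 push(@cols, "") if ($anyedit && $u->{'noedit'});
 push(@cols, &user_link($u));
 push(@cols, $u->{'uid'});
-push(@cols, $gidgrp{$u->{'gid'}}||$u->{'gid'});
-push(@cols, $u->{'real'});
-push(@cols, $u->{'home'});
-push(@cols, $u->{'shell'});
-push(@cols, $llogin{$u->{'user'}}) if ($lshow);
+push(@cols, $gidgrp{$u->{'gid'}} || $u->{'gid'});
+push(@cols, &html_escape($u->{'real'}));
+push(@cols, &html_escape($u->{'home'}));
+push(@cols, &html_escape($u->{'shell'}));
+push(@cols, &html_escape($llogin{$u->{'user'}})) if ($lshow);
 if ($u->{'noedit'}) {
 print &ui_columns_row(\@cols, \@tds);
 }
@@ -2387,7 +2387,7 @@ sub groups_table
 push(@cols, &group_link($g));
 push(@cols, $g->{'gid'});
 if ($anydesc) {
-push(@cols, $g->{'desc'});
+push(@cols, &html_escape($g->{'desc'}));
 }
 push(@cols, &html_escape($members));
 if ($g->{'noedit'} || !$access{'gdelete'}) {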
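Review bot: The primary-group column in the users_table hunk is still pushed unescaped: `push(@cols, $gidgrp{$u->{'gid'}} || $u->{'gid'});` carries a group name looked up from the same account data whose real-name, home and shell fields this commit now escapes, and nothing in the hunk shows ui_columns_row escaping its cells. Unless ui_columns_row escapes on its own, the consistent line would be `push(@cols, &html_escape($gidgrp{$u->{'gid'}} || $u->{'gid'}));`. The uid and gid cells (`$u->{'uid'}`, `$g->{'gid'}` in the groups_table hunk) are presumably numeric and so lower risk, but wrapping them the same way costs nothing and keeps the rule "every cell is escaped before ui_columns_row" uniform. A short comment above the first push, such as `# Every cell is passed through html_escape; account fields come from the passwd/group files and are untrusted in HTML context`, would document why the escaping is there. Both users_table and groups_table start and end outside the hunks.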
