Fix possible XSS attack due to user's real name not being escaped

commit 46e3d3ad195dcdc1af1795c96b6e0dc778fb6881 1 parent ae541df
@jcameron jcameron authored
Showing with 6 additions and 6 deletions.
  1. +6 −6 useradmin/user-lib.pl
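--- a/useradmin/user-lib.pl
+++ b/useradmin/user-lib.pl
@@ -2316,11 +2316,11 @@ sub users_table
 push(@cols, "") if ($anyedit && $u->{'noedit'});
 push(@cols, &user_link($u));
 push(@cols, $u->{'uid'});
- push(@cols, $gidgrp{$u->{'gid'}}||$u->{'gid'});
- push(@cols, $u->{'real'});
- push(@cols, $u->{'home'});
- push(@cols, $u->{'shell'});
- push(@cols, $llogin{$u->{'user'}}) if ($lshow);
+ push(@cols, $gidgrp{$u->{'gid'}} || $u->{'gid'});
+ push(@cols, &html_escape($u->{'real'}));
+ push(@cols, &html_escape($u->{'home'}));
+ push(@cols, &html_escape($u->{'shell'}));
+ push(@cols, &html_escape($llogin{$u->{'user'}})) if ($lshow);
 if ($u->{'noedit'}) {
 print &ui_columns_row(\@cols, \@tds);
 }
@@ -2387,7 +2387,7 @@ sub groups_table
 push(@cols, &group_link($g));
 push(@cols, $g->{'gid'});
 if ($anydesc) {
- push(@cols, $g->{'desc'});
+ push(@cols, &html_escape($g->{'desc'}));
 }
 push(@cols, &html_escape($members));
 if ($g->{'noedit'} || !$access{'gdelete'}) {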
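Review bot: The group column on the new line `push(@cols, $gidgrp{$u->{'gid'}} || $u->{'gid'});` is still emitted unescaped while the neighbouring real, home and shell columns now go through `&html_escape`, and the same applies to `$u->{'uid'}` in the first hunk and `$g->{'gid'}` in the second. Group names and ids are usually constrained by the OS, but so are home and shell, which this commit already treats as untrusted, so escaping at the sink should be applied to every cell of the row: `push(@cols, &html_escape($gidgrp{$u->{'gid'}} || $u->{'gid'}));` and likewise `push(@cols, &html_escape($g->{'gid'}));`. Whether `&user_link($u)` and `&group_link($g)` escape the name they render cannot be seen from these hunks, so that is worth confirming as part of the same fix. Both `users_table` and `groups_table` start and end outside the hunks.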