rpms / mantis

Clone
Source Code
GIT

Files

  1.   17e969dd9979eed5b17251dc1ab2f622591ccfac
  2.   0003-Fix-12371-XSS-in-print_all_bug_page_word.php-project.patch
Blob Blame History Raw 
From 3bc117fc87003af07d8871f7ad81b5c999215efd Mon Sep 17 00:00:00 2001
From: Gianluca Sforna <giallu@gmail.com>
Date: Sun, 19 Sep 2010 01:29:15 +0200
Subject: [PATCH 3/3] Fix #12371: XSS in print_all_bug_page_word.php project/category names

Backport of commit bfc9e9 for bug 12238
---
 print_all_bug_page_word.php |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/print_all_bug_page_word.php b/print_all_bug_page_word.php
index 334736c..1f900c0 100644
--- a/print_all_bug_page_word.php
+++ b/print_all_bug_page_word.php
@@ -160,7 +160,7 @@ xmlns="http://www.w3.org/TR/REC-html40">
 		<?php echo $v_id ?>
 	</td>
 	<td class="print">
-		<?php echo "[$t_project_name] $v_category" ?>
+		<?php echo '[' . string_display_line( $t_project_name ) . '] ' . string_display_line( $v_category ) ?>
 	</td>
 	<td class="print">
 		<?php echo get_enum_element( 'severity', $v_severity ) ?>
@@ -503,7 +503,11 @@ foreach( $t_related_custom_field_ids as $t_id ) {
 							}
 							echo implode( ', ', $t_to ) . '<br />';
 						default:
+<<<<<<< HEAD
 							echo $v3_note;
+=======
+							echo string_display_links( $t_bugnote->note );
+>>>>>>> bfc9e9f... Fix #12238: XSS in print_all_bug_page_word.php project/category names
 					}
 				?>
 			</td>
-- 
1.7.2.2
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.