From 3bc117fc87003af07d8871f7ad81b5c999215efd Mon Sep 17 00:00:00 2001
From: Gianluca Sforna <giallu@gmail.com>
Date: Sun, 19 Sep 2010 01:29:15 +0200
Subject: [PATCH 3/3] Fix #12371: XSS in print_all_bug_page_word.php project/category names
Backport of commit bfc9e9 for bug 12238
---
print_all_bug_page_word.php | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/print_all_bug_page_word.php b/print_all_bug_page_word.php
index 334736c..1f900c0 100644
--- a/print_all_bug_page_word.php
+++ b/print_all_bug_page_word.php
@@ -160,7 +160,7 @@ xmlns="http://www.w3.org/TR/REC-html40">
<?php echo $v_id ?>
</td>
<td class="print">
- <?php echo "[$t_project_name] $v_category" ?>
+ <?php echo '[' . string_display_line( $t_project_name ) . '] ' . string_display_line( $v_category ) ?>
</td>
<td class="print">
<?php echo get_enum_element( 'severity', $v_severity ) ?>
@@ -503,7 +503,11 @@ foreach( $t_related_custom_field_ids as $t_id ) {
}
echo implode( ', ', $t_to ) . '<br />';
default:
+<<<<<<< HEAD
echo $v3_note;
+=======
+ echo string_display_links( $t_bugnote->note );
+>>>>>>> bfc9e9f... Fix #12238: XSS in print_all_bug_page_word.php project/category names
}
?>
</td>
--
1.7.2.2