Blame pnp4nagios-e4a19768a5c5e5b1276caf3dd5bb721a540ec014.patch
|
Jan ONDREJ (SAL) |
130e25c |
From e4a19768a5c5e5b1276caf3dd5bb721a540ec014 Mon Sep 17 00:00:00 2001
|
|
Jan ONDREJ (SAL) |
130e25c |
From: Mikael Falkvidd <mfalkvidd@op5.com>
|
|
Jan ONDREJ (SAL) |
130e25c |
Date: Thu, 12 Jun 2014 11:03:43 +0200
|
|
Jan ONDREJ (SAL) |
130e25c |
Subject: [PATCH] pnp/views/kohana_error_page: plug another XSS hole
|
|
Jan ONDREJ (SAL) |
130e25c |
|
|
Jan ONDREJ (SAL) |
130e25c |
By issuing the request
|
|
Jan ONDREJ (SAL) |
130e25c |
GET pnp/$item?996fb"><script>alert(1)</script><"951e1=1
|
|
Jan ONDREJ (SAL) |
130e25c |
an alert is triggered in the meta refresh tag.
|
|
Jan ONDREJ (SAL) |
130e25c |
|
|
Jan ONDREJ (SAL) |
130e25c |
The hole is plugged by not setting the URL of the meta refresh.
|
|
Jan ONDREJ (SAL) |
130e25c |
The default behavior is to refresh the current page, which is what
|
|
Jan ONDREJ (SAL) |
130e25c |
we want anyway.
|
|
Jan ONDREJ (SAL) |
130e25c |
|
|
Jan ONDREJ (SAL) |
130e25c |
Change-Id: I6af0b15c929f95d651a576d46b99d2e1a88fe601
|
|
Jan ONDREJ (SAL) |
130e25c |
|
|
Jan ONDREJ (SAL) |
130e25c |
Signed-off-by: Mikael Falkvidd <mfalkvidd@op5.com>
|
|
Jan ONDREJ (SAL) |
130e25c |
---
|
|
Jan ONDREJ (SAL) |
130e25c |
share/pnp/application/views/kohana_error_page.php | 2 +-
|
|
Jan ONDREJ (SAL) |
130e25c |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
Jan ONDREJ (SAL) |
130e25c |
|
|
Jan ONDREJ (SAL) |
130e25c |
diff --git a/share/pnp/application/views/kohana_error_page.php b/share/pnp/application/views/kohana_error_page.php
|
|
Jan ONDREJ (SAL) |
130e25c |
index a950616..490ed62 100644
|
|
Jan ONDREJ (SAL) |
130e25c |
--- a/share/pnp/application/views/kohana_error_page.php
|
|
Jan ONDREJ (SAL) |
130e25c |
+++ b/share/pnp/application/views/kohana_error_page.php
|
|
Jan ONDREJ (SAL) |
130e25c |
@@ -4,7 +4,7 @@
|
|
Jan ONDREJ (SAL) |
130e25c |
<head>
|
|
Jan ONDREJ (SAL) |
130e25c |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
Jan ONDREJ (SAL) |
130e25c |
|
|
Jan ONDREJ (SAL) |
130e25c |
-<meta http-equiv="refresh" content="60; url=<?php echo $_SERVER['REQUEST_URI'] ?>">
|
|
Jan ONDREJ (SAL) |
130e25c |
+<meta http-equiv="refresh" content="60">
|
|
Jan ONDREJ (SAL) |
130e25c |
|
|
Jan ONDREJ (SAL) |
130e25c |
<title></title>
|
|
Jan ONDREJ (SAL) |
130e25c |
|
|
Jan ONDREJ (SAL) |
130e25c |
--
|
|
Jan ONDREJ (SAL) |
130e25c |
1.9.3
|
|
Jan ONDREJ (SAL) |
130e25c |
|