Bug 571441 - [security] Found XSS Vulnerability on your Sub domain

Change-Id: I8b00422b7941efc844d6584b9cb54850331ff7da
Signed-off-by: Kit Lo <kitlo@us.ibm.com>
diff --git a/html/content/en_recent_html_list.php b/html/content/en_recent_html_list.php
index 73ede20..9b76149 100644
--- a/html/content/en_recent_html_list.php
+++ b/html/content/en_recent_html_list.php
@@ -40,14 +40,13 @@
 		}
 		
 		echo "<li>" . 
-			substr($myrow['created_on'],11,5) . " " . $myrow['string_value'] . 
-				" -> " . $myrow['translation'] .
-				// [281434] Syncup overuses the "possibly incorrect" flag
-				// $fuzzy .
-				" [" . $myrow['language'] . ": <a href='translate.php?project=" . $myrow['project_id'] . "&version=" . $myrow['version'] . "&file=" . $myrow['name'] . "&string=" . $myrow['string_key'] . "'>" .$myrow['string_key'] . "</a>] <b>" . 
-				$myrow['project_id'] . " " . 
-				$myrow['version'] . "</b> 
-				(<a href='?userid=" . $myrow['userid'] . "'>" . $myrow['who'] . "</a>)"; 
+			substr($myrow['created_on'],11,5) . " " . htmlspecialchars($myrow['string_value']) . " -> " . htmlspecialchars($myrow['translation']) .
+			// [281434] Syncup overuses the "possibly incorrect" flag
+			// $fuzzy .
+			" [" . $myrow['language'] . ": <a href='translate.php?project=" . $myrow['project_id'] . "&version=" . $myrow['version'] . "&file=" . $myrow['name'] . "&string=" . $myrow['string_key'] . "'>" .$myrow['string_key'] . "</a>] <b>" . 
+			$myrow['project_id'] . " " . 
+			$myrow['version'] . "</b> 
+			(<a href='?userid=" . $myrow['userid'] . "'>" . $myrow['who'] . "</a>)"; 
 		echo "</li>";
 		
 		// $myrow['string_key'] . " " . 
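Review bot: The escaping in the rewritten echo stops at `string_value` and `translation`; `language`, `project_id`, `version`, `name`, `string_key`, `userid` and `who` are still concatenated raw into the list text and into two single-quoted `href` attributes, so the same injection this commit closes stays open through any of those columns that can carry user-supplied text (where they come from is not visible in the hunk). Two things matter for the attribute positions in particular: on PHP before 8.1 `htmlspecialchars()` defaults to ENT_COMPAT and leaves `'` untouched, so a value containing a single quote ends the `href='…'` attribute, and the query-string values are not URL-encoded at all. Pass `ENT_QUOTES` (and the charset) explicitly on every field, and build the translate.php link with `http_build_query()` so parameters are encoded once for the URL and once for the attribute. The enclosing loop that produces `$myrow` starts before this hunk.
```php
// … unchanged: loop producing $myrow …
$href = 'translate.php?' . http_build_query([
    'project' => $myrow['project_id'],
    'version' => $myrow['version'],
    'file'    => $myrow['name'],
    'string'  => $myrow['string_key'],
]);
echo "<li>" .
    substr($myrow['created_on'],11,5) . " " . htmlspecialchars($myrow['string_value'], ENT_QUOTES, 'UTF-8') . " -> " . htmlspecialchars($myrow['translation'], ENT_QUOTES, 'UTF-8') .
    // [281434] Syncup overuses the "possibly incorrect" flag
    // $fuzzy .
    " [" . htmlspecialchars($myrow['language'], ENT_QUOTES, 'UTF-8') . ": <a href='" . htmlspecialchars($href, ENT_QUOTES, 'UTF-8') . "'>" . htmlspecialchars($myrow['string_key'], ENT_QUOTES, 'UTF-8') . "</a>] <b>" .
    htmlspecialchars($myrow['project_id'], ENT_QUOTES, 'UTF-8') . " " .
    htmlspecialchars($myrow['version'], ENT_QUOTES, 'UTF-8') . "</b>
    (<a href='?userid=" . htmlspecialchars(rawurlencode($myrow['userid']), ENT_QUOTES, 'UTF-8') . "'>" . htmlspecialchars($myrow['who'], ENT_QUOTES, 'UTF-8') . "</a>)";
```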
diff --git a/html/recent.php b/html/recent.php
index 63a0fc7..03e3748 100644
--- a/html/recent.php
+++ b/html/recent.php
@@ -58,7 +58,7 @@
 	$incfile 		= "content/en_recent_rss.php";
 }
 $s_value	= getHTTPParameter("s_value");
-$s_value	= trim($s_value);
+$s_value	= htmlspecialchars(trim($s_value));
 if ($s_value !== '') {
 	$s_value_in_sql = $s_value . '%';
 } else {
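Review bot: Encoding `$s_value` with `htmlspecialchars()` at the point it is read makes the variable HTML-encoded for the rest of the script, which is exactly why the hunk at the `s.value like` clause has to call `htmlspecialchars_decode()` before the value reaches `sqlSanitize()`; escaping belongs at the output site, not the input site, and encode-then-decode pairs tend to drift apart when one side's flags change. Keep `$s_value = trim($s_value);` here, drop the `htmlspecialchars_decode()` wrapper in the second hunk so the SQL path sees the raw trimmed value, and apply `htmlspecialchars($s_value, ENT_QUOTES, 'UTF-8')` where `$s_value` is actually echoed into the page (that output site is not part of this diff). Note also that on PHP before 8.1 `htmlspecialchars()` defaults to ENT_COMPAT and leaves `'` unencoded, so if the search value is reflected inside a single-quoted attribute the input-side encoding as written would not close the report on its own.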
@@ -89,7 +89,7 @@
 }
 if($s_value_in_sql !== "") {
 	$where = addAndIfNotNull($where) . "s.value like ";
-	$where .= returnQuotedString(sqlSanitize($s_value_in_sql, $dbh));
+	$where .= returnQuotedString(sqlSanitize(htmlspecialchars_decode($s_value_in_sql), $dbh));
 }
 if($USERID != "") {
 	$where = addAndIfNotNull($where) . "u.userid = ";