changeset 4577:528fe0a3af24
issue2550711 Fix XSS vulnerability when username contains HTML code.
Thanks to Thomas Arendsen Hein for reporting and patch.
| author | Ralf Schlatterbeck <rsc@runtux.com> |
|---|---|
| date | Thu, 05 Jan 2012 15:56:15 +0100 |
| parents | bce2c4254058 |
| children | 941681fec1b0 |
| files | CHANGES.txt roundup/cgi/templating.py |
| diffstat | 2 files changed, 3 insertions(+), 1 deletions(-) |
--- a/CHANGES.txt Wed Jan 04 19:09:47 2012 +0100 +++ b/CHANGES.txt Thu Jan 05 15:56:15 2012 +0100 @@ -55,6 +55,8 @@ backported version of my proposed changes to email.header.decode_header in http://bugs.python.org/issue1079 (Ralf) +- issue2550711 Fix XSS vulnerability when username contains HTML code, + thanks to Thomas Arendsen Hein for reporting and patch. 2011-07-15: 1.4.19
--- a/roundup/cgi/templating.py Wed Jan 04 19:09:47 2012 +0100 +++ b/roundup/cgi/templating.py Thu Jan 05 15:56:15 2012 +0100 @@ -1141,7 +1141,7 @@ if dre.match(user): user = self._db.user.get(user, 'username') l.append('<tr><td>%s</td><td>%s</td><td>%s</td><td>%s</td></tr>'%( - date_s, user, self._(action), arg_s)) + date_s, cgi.escape(user), self._(action), arg_s)) if comments: l.append(self._( '<tr><td colspan=4><strong>Note:</strong></td></tr>'))
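Review bot: in the templating.py hunk, `cgi.escape(user)` is called with its default `quote=False`, so it escapes `&`, `<` and `>` but not `"`; that is sufficient for `<td>` text content, which is where `user` lands here, but the same format string still interpolates `date_s`, `self._(action)` and `arg_s` unescaped (`date_s, cgi.escape(user), self._(action), arg_s))`), so it is worth confirming that `arg_s` is already HTML-safe where it is built rather than leaving this one cell as the only escaped column. The hunk also does not show an `import cgi`; check that the module is imported at the top of templating.py (or that the file's existing escaping helper is used instead) so the fix does not raise `NameError` at runtime.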
