[SECURITY] XSS in header link of all content elements 25/26225/2
author Anja Leichsenring <aleichsenring@ab-softlab.de>
Tue, 10 Dec 2013 09:55:15 +0000 (10:55 +0100)
committer Oliver Hader <oliver.hader@typo3.org>
Tue, 10 Dec 2013 09:55:19 +0000 (10:55 +0100)
commit 107ac8e54431fe91b851de913cf5b58cd98dd348
tree e6102fb10a84162e09c4726a23c6d0768d49ca27
parent 226d624a9ec74d87ebf46a7add9d355a3128e645
[SECURITY] XSS in header link of all content elements

The second typolink parameter, that is the target, can be abused to
introduce XSS code into the generated link. Escaping the parameter
with quoteJSvalue solves the problem.

Change-Id: Ie91b022a2ffed039fb365e6b0be2ea39f7096514
Fixes: #31206
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit: 484cf1aea8d3e66db547325fe4d843d50a668162
Security-Bulletin: TYPO3-CORE-SA-2013-004
Reviewed-on: https://review.typo3.org/26225
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/sysext/frontend/Classes/ContentObject/ContentObjectRenderer.php