[SECURITY] XSS in be_layout wizard 77/26177/2
author Anja Leichsenring <aleichsenring@ab-softlab.de>
Tue, 10 Dec 2013 09:50:48 +0000 (10:50 +0100)
committer Oliver Hader <oliver.hader@typo3.org>
Tue, 10 Dec 2013 09:50:52 +0000 (10:50 +0100)
commit 534228488e2f6fb04e8ec8679f74a734ff032dea
tree 4e0a5517b85ae3312cb8d3933734d7898bc414b6
parent b360a1a899d889e223b16a8447a0abb06b0d04ea
[SECURITY] XSS in be_layout wizard

Usage of unverified input parameters in wizard URL leads to a possible
XSS vulnerability in backend_layout wizard.
The solution is the introduction of a hmac validation of the parameters
used in JavaScript.

Change-Id: I6a9fcd43affa637fd6ac3cd08ae89212e52e6754
Fixes: #36768
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit: bcc8a321517ad50bae3dec9366f76b4e886e74e9
Security-Bulletin: TYPO3-CORE-SA-2013-004
Reviewed-on: https://review.typo3.org/26177
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
t3lib/class.t3lib_tceforms.php
typo3/sysext/cms/layout/wizard_backend_layout.php
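
The approach named in the commit message (an HMAC over the URL parameters that later reach JavaScript), sketched as an added example. It is not the TYPO3 patch: the key, the parameter names `formName` and `fieldName`, and all helper functions are hypothetical, and the parameters are assumed to be flat string values.

```php
<?php
// Added illustration, not TYPO3 code: key, parameter names and helpers are hypothetical.
declare(strict_types=1);

const WIZARD_KEY = 'constructed-demo-key'; // stand-in for the installation's secret key

/** Canonical, order-independent string over the parameters to protect. */
function canonicalParams(array $params): string
{
    $params = array_map('strval', $params);
    ksort($params);
    return json_encode($params, JSON_THROW_ON_ERROR);
}

/** Form side: sign the parameters when the link to the wizard is rendered. */
function buildWizardUrl(string $script, array $params): string
{
    $params['hmac'] = hash_hmac('sha256', canonicalParams($params), WIZARD_KEY);
    return $script . '?' . http_build_query($params);
}

/** Wizard side: return the parameters only if the HMAC matches, otherwise null. */
function verifiedWizardParams(array $query): ?array
{
    $given = $query['hmac'] ?? '';
    unset($query['hmac']);
    foreach ($query as $value) {
        if (!is_string($value)) {
            return null; // nested arrays were never signed, reject them
        }
    }
    if (!is_string($given)) {
        return null;
    }
    $expected = hash_hmac('sha256', canonicalParams($query), WIZARD_KEY);
    return hash_equals($expected, $given) ? $query : null; // constant-time compare
}

/** Encode a verified value for use inside a <script> block. */
function jsLiteral(string $value): string
{
    return json_encode($value, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_THROW_ON_ERROR);
}

// Constructed sample: a link as rendered by the form, then the same query altered by the client.
$url = buildWizardUrl('wizard.php', ['formName' => 'editform', 'fieldName' => 'data[be_layout][1][config]']);
parse_str(parse_url($url, PHP_URL_QUERY), $query);
$params = verifiedWizardParams($query);
echo 'var fieldName = ' . jsLiteral($params['fieldName']) . ";\n";
$query['fieldName'] = 'changed"after-signing';
var_dump(verifiedWizardParams($query));
```

The HMAC only proves the server generated the values; encoding them for the JavaScript context on output is still needed as a second layer.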