[SECURITY] t3lib_div::quoteJSvalue allows XSS
author Helmut Hummel <helmut.hummel@typo3.org>
Wed, 15 Aug 2012 10:17:12 +0000 (12:17 +0200)
committer Oliver Hader <oliver.hader@typo3.org>
Wed, 15 Aug 2012 10:17:15 +0000 (12:17 +0200)
commit f0464572249391f6a56c0601797fcb5900c39eb2
tree 7791e2200a463ff1980c12506defd8efe68538ba
parent 7f17bf67977989eccc1b5a6792df65f4c3f69380
[SECURITY] t3lib_div::quoteJSvalue allows XSS

When t3lib_div::quoteJSvalue() was used with the second
parameter set to TRUE, closing HTML script tags were
not escaped correctly.

Now every character except harmless ones is encoded
to a hex representation.

Change-Id: Iab6793a3028976c4283cda466a2d3c6799b2554e
Releases: 6.0, 4.7, 4.6, 4.5
Fixes: #23226
Security-Commit: 70901d7dab2ba8cd314e931e98c3ec84b08fd0fb
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13735
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
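The encoding strategy the commit describes, as an added example that is not TYPO3's own t3lib_codec_JavaScriptEncoder: a naive quoting routine that leaves a closing script tag intact, next to a whitelist encoder that hex-escapes everything else. The function names and the exact whitelist (ASCII letters, digits, comma, dot, underscore) are assumptions for illustration; the code needs PHP 7.2+ with mbstring.

```php
<?php
// Added example (not TYPO3 code): whitelist-based JavaScript string encoding
// next to the naive escaping it replaces.

// Naive approach: only quotes, backslashes and line breaks are escaped.
// A literal "</script>" in the value survives untouched, so a string that is
// embedded in an inline <script> block can terminate that block early.
function naiveQuoteJSvalue(string $value): string
{
    return "'" . addcslashes($value, "'\\\n\r") . "'";
}

// Hardened approach matching the commit description: every character that is
// not in a small whitelist (assumed here: [A-Za-z0-9,._]) is emitted as a hex
// escape, so neither an HTML nor a JavaScript delimiter can appear literally.
function hexQuoteJSvalue(string $value): string
{
    $out = '';
    // Split into UTF-8 code points rather than raw bytes so multibyte
    // characters become one \uXXXX escape instead of invalid byte escapes.
    foreach (preg_split('//u', $value, -1, PREG_SPLIT_NO_EMPTY) as $char) {
        if (preg_match('/^[A-Za-z0-9,._]$/', $char)) {
            $out .= $char;
            continue;
        }
        $codePoint = mb_ord($char, 'UTF-8');
        if ($codePoint < 0x100) {
            $out .= sprintf('\\x%02X', $codePoint);
        } elseif ($codePoint < 0x10000) {
            $out .= sprintf('\\u%04X', $codePoint);
        } else {
            // Code points outside the BMP need a UTF-16 surrogate pair.
            $codePoint -= 0x10000;
            $out .= sprintf('\\u%04X\\u%04X',
                0xD800 | ($codePoint >> 10), 0xDC00 | ($codePoint & 0x3FF));
        }
    }
    return "'" . $out . "'";
}

// Constructed sample value containing a closing script tag and a non-ASCII char.
$tainted = "</script><b>Grüße</b>";
echo naiveQuoteJSvalue($tainted), PHP_EOL; // closing tag reaches the output
echo hexQuoteJSvalue($tainted), PHP_EOL;   // only whitelisted chars stay literal
```

Paste the second output into an inline script block and the browser's HTML parser never sees a `<` or `/`, while the JavaScript engine still reconstructs the original string.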
t3lib/class.t3lib_div.php
t3lib/codec/class.t3lib_codec_javascriptencoder.php [new file with mode: 0644]
t3lib/core_autoload.php
tests/t3lib/codec/t3lib_codec_javascriptencoderTest.php [new file with mode: 0644]
tests/t3lib/t3lib_divTest.php