[SECURITY] XSS in new content element wizard 97/30297/2
authorMarcus Krause <marcus.krause@typo3.org>
Thu, 22 May 2014 07:33:17 +0000 (09:33 +0200)
committerOliver Hader <oliver.hader@typo3.org>
Thu, 22 May 2014 07:33:21 +0000 (09:33 +0200)
Sanitize user-input colPos in new content element wizard.

Change-Id: I68ee05a9113b2a0266c0be612b1a10272cb986a2
Fixes: #48695
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit: eccb66a7ed4cb872f512f611395eae4ed0226e10
Security-Bulletin: TYPO3-CORE-SA-2014-001
Reviewed-on: https://review.typo3.org/30297
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/sysext/backend/Classes/Controller/ContentElement/NewContentElementController.php

index 4803dc9..b6fddaa 100644 (file)
@@ -120,7 +120,7 @@ class NewContentElementController {
                $this->id = intval(GeneralUtility::_GP('id'));
                $this->sys_language = intval(GeneralUtility::_GP('sys_language_uid'));
                $this->R_URI = GeneralUtility::sanitizeLocalUrl(GeneralUtility::_GP('returnUrl'));
-               $this->colPos = GeneralUtility::_GP('colPos');
+               $this->colPos = (int)GeneralUtility::_GP('colPos');
                $this->uid_pid = intval(GeneralUtility::_GP('uid_pid'));
                $this->MCONF['name'] = 'xMOD_db_new_content_el';
                $this->modTSconfig = \TYPO3\CMS\Backend\Utility\BackendUtility::getModTSconfig($this->id, 'mod.wizards.newContentElement');
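Review bot: The `(int)` cast on the `colPos` assignment turns a missing or empty request parameter into 0, and 0 is itself a valid column position in TYPO3, so code that needs to know whether a column was actually requested can no longer tell the two cases apart. Whether anything later in the class relies on that is not visible in this hunk, so it needs confirming; if it does, keep the null with `$colPos = GeneralUtility::_GP('colPos');` followed by `$this->colPos = $colPos === NULL ? NULL : (int)$colPos;`. As a style point only, the cast differs from the `intval()` calls on the neighbouring lines. The commit title implies the raw value previously reached the rendered page, so encoding it at the place it is written out (outside this hunk) would keep the fix from resting on this single assignment. The enclosing method starts and ends outside the hunk.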