[SECURITY] XSS in (old) extension manager information function 98/30298/2
author Nicole Cordes <typo3@cordes.co>
Thu, 22 May 2014 07:33:22 +0000 (09:33 +0200)
committer Oliver Hader <oliver.hader@typo3.org>
Thu, 22 May 2014 07:33:26 +0000 (09:33 +0200)
Needs to be fixed also in 6.x, but the affected function is not
used anymore.

Change-Id: I434689d4065496330a92e7086ec6899ddff1d2d6
Fixes: #54111
Fixes: #54113
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit: 383664ef458c2b978666311d294591d96a2d0eb9
Security-Bulletin: TYPO3-CORE-SA-2014-001
Reviewed-on: https://review.typo3.org/30298
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/sysext/core/Classes/TypoScript/ConfigurationForm.php

index 77bae2e..79316ec 100644 (file)
@@ -144,7 +144,7 @@ class ConfigurationForm extends \TYPO3\CMS\Core\TypoScript\ExtendedTemplateServi
                $content = '';
                $content .= \TYPO3\CMS\Core\Utility\GeneralUtility::wrapJS('
                        function uFormUrl(aname) {
-                               document.' . $this->ext_CEformName . '.action = "' . \TYPO3\CMS\Core\Utility\GeneralUtility::linkThisScript() . '#"+aname;
+                               document.' . $this->ext_CEformName . '.action = ' . \TYPO3\CMS\Core\Utility\GeneralUtility::quoteJSvalue(\TYPO3\CMS\Core\Utility\GeneralUtility::linkThisScript() . '#') . '+aname;
                        }
                ');
                if ($addFormTag) {
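Review bot: the fix covers only one of the two values interpolated into this script; `$this->ext_CEformName` on the `+` line is still concatenated raw into `document.' . $this->ext_CEformName . '.action`, so if that form name can ever be influenced by request data the same JavaScript injection remains through the other operand. Either confirm it is a fixed, code-controlled string (and say so in a comment), or restrict it to a safe identifier pattern before building the script. The change itself is sound: moving the `'#'` inside the `quoteJSvalue()` call yields a properly quoted JS string literal for the `linkThisScript()` output, and the trailing `'+aname` keeps the anchor concatenation the old `"#"+aname` did, so the behaviour for benign input is unchanged.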