* Fixed bug #12306: XSS vulnerability in module dispatcher

git-svn-id: https://svn.typo3.org/TYPO3v4/Core/trunk@6241 709f56b5-9817-0410-a4d7-c38de5d9e867

diff --git a/ChangeLog b/ChangeLog
index 3c19e40..de05267 100755 (executable)
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,6 +4,7 @@
        * Fixed bug #12303: XSS vulnerability due to not proper sanitizing in function t3lib_div::quoteJSvalue (thanks to Oliver Klee)
        * Fixed bug #12304: Frame inclusion in the backend through alt_mod_frameset (thanks to Oliver Klee)
        * Fixed bug #12305: XSS vulnerability in view_help.php / tfID parameter (thanks to Oliver Klee)
+       * Fixed bug #12306: XSS vulnerability in module dispatcher
 
 2009-10-21  Sebastian Kurfuerst  <sebastian@typo3.org>
 

diff --git a/typo3/alt_main.php b/typo3/alt_main.php
index 469f08b..651df5e 100644 (file)
--- a/typo3/alt_main.php
+++ b/typo3/alt_main.php
@@ -477,7 +477,7 @@ class SC_alt_main {
                if ($module) {
                        $this->mainJScode.='
                // open in module:
-       top.goToModule(\''.$module.'\',false,\''.$params.'\');
+       top.goToModule(\''.$module.'\',false,'.t3lib_div::quoteJSvalue($params).');
                        ';
                }
        }

diff --git a/typo3/backend.php b/typo3/backend.php
index 9bd647f..0a5f978 100644 (file)
--- a/typo3/backend.php
+++ b/typo3/backend.php
@@ -550,7 +550,7 @@ class TYPO3backend {
                        });
                }
 
-               startInModule(\''.$startModule.'\', false, \''.$moduleParameters.'\');
+               startInModule(\''.$startModule.'\', false, '.t3lib_div::quoteJSvalue($moduleParameters).');
                        ';
                }
        }