From ccbbfc317935408475246aa51d8babc6d5ebb8ec Mon Sep 17 00:00:00 2001
From: Steffen Gebert
Date: Wed, 15 Aug 2012 12:17:18 +0200
Subject: [PATCH] [SECURITY] XSS in Indexed Search statistics
Indexed Search statistics module is vulnerable to persistent XSS attack injected by arbitrary frontend users.
Change-Id: I9298b5d1808cef9d123d4b9c3867f1f55dfe4efe
Fixes: #31927
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: f16df3528cb66183fd7371cf6a64f7f7da98dd74
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13736
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
---
 .../indexed_search/modfunc2/class.tx_indexedsearch_modfunc2.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/typo3/sysext/indexed_search/modfunc2/class.tx_indexedsearch_modfunc2.php b/typo3/sysext/indexed_search/modfunc2/class.tx_indexedsearch_modfunc2.php
index b6848415a32a..85fd3efd3e7b 100644
--- a/typo3/sysext/indexed_search/modfunc2/class.tx_indexedsearch_modfunc2.php
+++ b/typo3/sysext/indexed_search/modfunc2/class.tx_indexedsearch_modfunc2.php
@@ -164,7 +164,7 @@ class tx_indexedsearch_modfunc2 extends t3lib_extobjbase {
 if ($res) {
 while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
 $i++;
- $table1.=''.$i.'.'.$row['word'].'  '.$row['c'].'';
+ $table1 .= '' . $i . '.' . htmlspecialchars($row['word']) . '  ' . $row['c'] . '';
 }
 }
-- 
2.20.1
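Review bot: `$row['c']` on the added line is still concatenated into the markup unescaped while `$row['word']` now goes through `htmlspecialchars()`; if `c` is an aggregate count, as the alias suggests, it is numeric, but making that explicit with `(int) $row['c']` (or escaping it the same way) removes the dependence on the query shape and keeps escaping uniform across the row. `htmlspecialchars()` is called with default flags, so single quotes are left alone — acceptable for text between tags, not for an attribute; the surrounding tags are stripped in this rendering, so I cannot confirm the output context from the hunk alone. The enclosing method begins before line 164, outside the hunk, and because this fix escapes only at this one sink, any other code path that prints stored `word` values (which are frontend-supplied) presumably still needs the same treatment.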