Commit c3000200 authored by Oliver Hader's avatar Oliver Hader

Fixed bug #13558: XSS in t3lib_querygenerator

git-svn-id: https://svn.typo3.org/TYPO3v4/Core/branches/TYPO3_4-1@7633 709f56b5-9817-0410-a4d7-c38de5d9e867
parent e4298102
......@@ -8,6 +8,7 @@
* Fixed bug #11620: XSS vulnerability in task center module (thanks to Georg Ringer)
* Fixed bug #12628: XSS in sysext sys_action (thanks to Georg Ringer)
* Fixed bug #12634: XSS in the access module (thanks to Georg Ringer)
* Fixed bug #13558: XSS in t3lib_querygenerator (thanks to Georg Ringer)
2010-04-09 Michael Stucki <michael@typo3.org>
......
......@@ -323,7 +323,7 @@ class t3lib_fullsearch {
}
} elseif ($storeControl['REMOVE']) {
if ($storeIndex>0) {
$msg="'".$storeArray[$storeControl['STORE']]."' query entry removed!";
$msg="'" . htmlspecialchars($storeArray[$storeControl['STORE']]) . "' query entry removed!";
unset($storeArray[$storeControl['STORE']]); // Removing
$saveStoreArray=1;
}
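Review bot: Only the REMOVE branch's `$msg=` line is escaped here, and the if/elseif chain it belongs to starts and ends outside the hunk, so it is not visible whether sibling branches build `$msg` from `$storeArray[...]` or other stored query titles in the same way. If they do, they need the same `htmlspecialchars()` call, otherwise the stored-title XSS remains reachable through another action. A short why-comment on the changed line would also help, e.g. `// query titles are user-supplied and $msg is output as HTML`, which is presumably the case given the bug title.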
......
......@@ -976,7 +976,7 @@ class t3lib_queryGenerator {
* @return [type] ...
*/
function formatQ($str) {
return '<font size="1" face="verdana" color="maroon"><i>'.$str.'</i></font>';
return '<font size="1" face="verdana" color="maroon"><i>' . htmlspecialchars($str) . '</i></font>';
}
/**
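Review bot: The contract of `formatQ()` changes with this fix (`$str` is now treated as plain text and HTML-escaped inside the method), but the docblock above it still ends in the placeholder `@return [type] ...`. Callers that already escape their argument, or that pass markup on purpose, will now be double-encoded, so the call sites (outside this hunk) are worth checking. I would state the contract in the docblock, e.g. `@param string $str Plain text; HTML-escaped by this method` and `@return string HTML markup wrapping the escaped text`. The docblock starts outside the hunk.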
......