Commit ef822794 authored by lpsolit%gmail.com's avatar lpsolit%gmail.com

Bug 355728: [SECURITY] XSS in the "id" parameter of showdependencygraph.cgi when…

Bug 355728: [SECURITY] XSS in the "id" parameter of showdependencygraph.cgi when "doall" is set - Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit a=justdave
parent 79b57226
......@@ -577,11 +577,10 @@ every login cookie Bugzilla has ever given out.)
Version 2.22.1
--------------
The Bugzilla team fixed two Information Leaks and two Cross-Site
The Bugzilla team fixed two Information Leaks and three Cross-Site
Scripting vulnerabilities that existed in versions of Bugzilla
prior to 2.22.1. None of them are considered to be of critical
severity, but we still strongly recommend that you update any
2.22 installation to 2.22.1.
prior to 2.22.1. We strongly recommend that you update any 2.22
installation to 2.22.1, to be protected from these vulnerabilities.
In addition, we have made an enhancement to security in this version
of Bugzilla. In previous versions, it was possible for malicious
......
......@@ -276,7 +276,9 @@ foreach my $f (@files)
}
}
$vars->{'bug_id'} = $cgi->param('id');
# Make sure we only include valid integers (protects us from XSS attacks).
my @bugs = grep(detaint_natural($_), split(/[\s,]+/, $cgi->param('id')));
$vars->{'bug_id'} = join(', ', @bugs);
$vars->{'multiple_bugs'} = ($cgi->param('id') =~ /[ ,]/);
$vars->{'doall'} = $cgi->param('doall');
$vars->{'rankdir'} = $rankdir;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment