Headline
CVE-2022-3035: Set safeMode to true and use helper for all parsedown · snipe/snipe-it@9cf5f30
Stored Cross-site Scripting (XSS) in GitHub repository snipe/snipe-it prior to v6.0.11.
@@ -22,12 +22,13 @@ class Helper
* @since [v2.0]
* @return string
*/
public static function parseEscapedMarkedown($str)
public static function parseEscapedMarkedown($str = null)
{
$Parsedown = new \Parsedown();
$Parsedown->setSafeMode(true);
if ($str) {
return $Parsedown->text(e($str));
return $Parsedown->text($str);
}
}
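Review bot: The `@return string` docblock above the signature is no longer accurate: the new `$str = null` default combined with the truthiness test `if ($str)` means the helper falls through and returns null for null, `''` and also for the string `'0'`, so declare `@return string|null` and add an explicit `return null;` after the `if` block (or use `if ($str !== null && $str !== '')` if a literal "0" note should still render). The print order suggests the surviving body line is `return $Parsedown->text($str);` without `e()`; if so, Parsedown safe mode is now the only escaping layer and every `{!! !!}` caller depends on it, whereas keeping `->text(e($str))` as well is the belt-and-braces option at the cost of possible double-encoding — worth confirming which line is the new side. `setSafeMode()` only exists from Parsedown 1.7.0 onward, so the composer constraint should require at least that version or this call fatals at runtime.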
@@ -2,6 +2,7 @@
namespace App\Models;
use App\Helpers\Helper;
use App\Models\Traits\Acceptable;
use App\Models\Traits\Searchable;
use App\Presenters\Presentable;
@@ -299,15 +300,14 @@ public function requireAcceptance()
*/
public function getEula()
{
$Parsedown = new \Parsedown();
if ($this->category->eula_text) {
return $Parsedown->text(e($this->category->eula_text));
return Helper::parseEscapedMarkedown($this->category->eula_text);
} elseif ((Setting::getSettings()->default_eula_text) && ($this->category->use_default_eula == ‘1’)) {
return $Parsedown->text(e(Setting::getSettings()->default_eula_text));
return Helper::parseEscapedMarkedown(Setting::getSettings()->default_eula_text);
}
return null;
return null;
}
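Review bot: `$this->category->eula_text` on the first line of the body dereferences the category relation without a null check, while the Asset variant of this method in the same commit guards with `($this->model) && ($this->model->category)`; an accessory whose category is missing or soft-deleted would throw here instead of returning null. A guard such as `if (! $this->category) { return null; }` before the `if` keeps the new helper call safe, assuming the relation can be null — confirm against the schema.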
/**
@@ -5,6 +5,7 @@
use App\Events\AssetCheckedOut;
use App\Events\CheckoutableCheckedOut;
use App\Exceptions\CheckoutNotAllowed;
use App\Helpers\Helper;
use App\Http\Traits\UniqueSerialTrait;
use App\Http\Traits\UniqueUndeletedTrait;
use App\Models\Traits\Acceptable;
@@ -875,13 +876,12 @@ public function requireAcceptance()
*/
public function getEula()
{
$Parsedown = new \Parsedown();
if (($this->model) && ($this->model->category)) {
if ($this->model->category->eula_text) {
return $Parsedown->text(e($this->model->category->eula_text));
return Helper::parseEscapedMarkedown($this->model->category->eula_text);
} elseif ($this->model->category->use_default_eula == ‘1’) {
return $Parsedown->text(e(Setting::getSettings()->default_eula_text));
return Helper::parseEscapedMarkedown(Setting::getSettings()->default_eula_text);
} else {
return false;
}
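Review bot: The `elseif ($this->model->category->use_default_eula == '1')` branch hands `Setting::getSettings()->default_eula_text` to the helper without first checking it is non-empty, unlike the Accessory and Category variants, so with no default EULA configured this method yields the helper's implicit null while the `else` path yields `false` — two different "no EULA" values from one method. Either add `&& Setting::getSettings()->default_eula_text` to the condition or normalise both branches to `return null;` and document `@return string|null`. The outer `if` of getEula closes outside this hunk.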
@@ -9,6 +9,7 @@
use Illuminate\Database\Eloquent\SoftDeletes;
use Illuminate\Support\Facades\Gate;
use Watson\Validating\ValidatingTrait;
use App\Helpers\Helper;
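Review bot: `use App\Helpers\Helper;` is appended after `use Watson\Validating\ValidatingTrait;`, which breaks the alphabetical order of the import block and differs from the placement used in the other models touched by this commit, where it sits first among the `App\` imports. Move it above the `Illuminate\` lines so the block stays sorted.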
/**
* Model for Categories. Categories are a higher-level group
@@ -207,12 +208,11 @@ public function models()
*/
public function getEula()
{
$Parsedown = new \Parsedown();
if ($this->eula_text) {
return $Parsedown->text(e($this->eula_text));
return Helper::parseEscapedMarkedown($this->eula_text);
} elseif ((Setting::getSettings()->default_eula_text) && ($this->use_default_eula == ‘1’)) {
return $Parsedown->text(e(Setting::getSettings()->default_eula_text));
return Helper::parseEscapedMarkedown(Setting::getSettings()->default_eula_text);
} else {
return null;
}
@@ -2,6 +2,7 @@
namespace App\Models;
use App\Helpers\Helper;
use App\Models\Traits\Acceptable;
use App\Models\Traits\Searchable;
use App\Presenters\Presentable;
@@ -265,12 +266,10 @@ public function requireAcceptance()
*/
public function getEula()
{
$Parsedown = new \Parsedown();
if ($this->category->eula_text) {
return $Parsedown->text(e($this->category->eula_text));
return Helper::parseEscapedMarkedown($this->category->eula_text);
} elseif ((Setting::getSettings()->default_eula_text) && ($this->category->use_default_eula == ‘1’)) {
return $Parsedown->text(e(Setting::getSettings()->default_eula_text));
return Helper::parseEscapedMarkedown(Setting::getSettings()->default_eula_text);
} else {
return null;
}
@@ -2,6 +2,7 @@
namespace App\Models;
use App\Helpers\Helper;
use App\Models\Traits\Searchable;
use App\Presenters\Presentable;
use Carbon\Carbon;
@@ -337,12 +338,11 @@ public function requireAcceptance()
*/
public function getEula()
{
$Parsedown = new \Parsedown();
if ($this->category->eula_text) {
return $Parsedown->text(e($this->category->eula_text));
return Helper::parseEscapedMarkedown($this->category->eula_text);
} elseif ($this->category->use_default_eula == ‘1’) {
return $Parsedown->text(e(Setting::getSettings()->default_eula_text));
return Helper::parseEscapedMarkedown(Setting::getSettings()->default_eula_text);
} else {
return false;
}
@@ -8,9 +8,10 @@
use Illuminate\Support\Collection;
use Illuminate\Support\Facades\App;
use Illuminate\Support\Facades\Cache;
use Parsedown;
use App\Helpers\Helper;
use Watson\Validating\ValidatingTrait;
/**
* Settings model.
*/
@@ -135,7 +136,6 @@ public static function setupCompleted(): bool
public function lar_ver(): string
{
$app = App::getFacadeApplication();
return $app::VERSION;
}
@@ -147,9 +147,7 @@ public function lar_ver(): string
public static function getDefaultEula(): ?string
{
if (self::getSettings()->default_eula_text) {
$parsedown = new Parsedown();
return $parsedown->text(e(self::getSettings()->default_eula_text));
return Helper::parseEscapedMarkedown(self::getSettings()->default_eula_text);
}
return null;
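Review bot: With `new Parsedown()` removed from getDefaultEula, the `use Parsedown;` import kept in the header hunk appears to have no remaining reference in this file; if nothing outside the visible hunks uses it, drop the import so a reader is not led to look for a direct Parsedown call that no longer exists. The same header hunk adds `use App\Helpers\Helper;` after `use Parsedown;`, out of alphabetical order with the surrounding imports.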
@@ -2,6 +2,8 @@
namespace App\Presenters;
use App\Helpers\Helper;
/**
* Class AssetModelPresenter
*/
@@ -159,10 +161,8 @@ public static function dataTableLayout()
*/
public function note()
{
$Parsedown = new \Parsedown();
if ($this->model->note) {
return $Parsedown->text($this->model->note);
return Helper::parseEscapedMarkedown($this->model->note);
}
}
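Review bot: This is the one call site in the commit that previously passed `$this->model->note` to Parsedown with no `e()` at all, so it is the most likely stored-XSS sink and deserves a regression test alongside the refactor: set a model note to `<script>alert(1)</script>`, render the presenter and assert the output contains `&lt;script&gt;` and not `<script>`. The method also returns null implicitly when the note is empty; if its docblock (outside the hunk) says `@return string`, update it to `@return string|null`.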
@@ -28,7 +28,7 @@
@if ($snipeSettings->login_note)
<div class="col-md-12">
<div class="alert alert-info">
{!! Parsedown::instance()->text(e($snipeSettings->login_note)) !!}
{!! Helper::parseEscapedMarkedown($snipeSettings->login_note) !!}
</div>
</div>
@endif
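Review bot: `Helper::parseEscapedMarkedown(...)` is referenced unqualified inside a Blade view, which has no `use` imports, so it resolves only if a `Helper` class alias is registered in `config/app.php`; if that alias is absent the login page fatals rather than falling back to unescaped output. Writing `{!! \App\Helpers\Helper::parseEscapedMarkedown($snipeSettings->login_note) !!}` removes the dependency on the alias. The same applies to the dashboard and layout views changed in this commit.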
@@ -17,7 +17,7 @@
<div class="box-body">
<div class="row">
<div class="col-md-12">
{!! Parsedown::instance()->text(e($snipeSettings->dashboard_message)) !!}
{!! Helper::parseEscapedMarkedown($snipeSettings->dashboard_message) !!}
</div>
</div>
</div>
@@ -827,7 +827,7 @@
</div>
@if ($snipeSettings->footer_text!=’’)
<div class="pull-right">
{!! Parsedown::instance()->text(e($snipeSettings->footer_text)) !!}
{!! Helper::parseEscapedMarkedown($snipeSettings->footer_text) !!}
</div>
@endif