CVE-2022-4647: update · microweber/microweber@20df566
Stored Cross-site Scripting (XSS) in GitHub repository microweber/microweber prior to 1.3.2.
@@ -221,7 +221,14 @@ public function load($markup, $contentType = null, $newDocumentID = null) } if ($loaded) { // $this->document->formatOutput = true; $this->document->formatOutput = false; $this->document->preserveWhiteSpace = true;
$this->document->validateOnParse=false; $this->document->strictErrorChecking=false; $this->document->recover=false;
$this->xpath = new DOMXPath($this->document); $this->afterMarkupLoad();
@@ -294,11 +301,21 @@ protected function documentCreate($charset, $version = ‘1.0’) if (!$version) { $version = '1.0’; }
libxml_use_internal_errors(true);
$this->document = new DOMDocument($version, $charset); $this->charset = $this->document->encoding; // $this->document->encoding = $charset; $this->document->formatOutput = true; // $this->document->formatOutput = true; $this->document->formatOutput = false; // $this->document->standalone = true; $this->document->preserveWhiteSpace = true;
$this->document->validateOnParse=false; $this->document->strictErrorChecking=false; $this->document->recover=false; }
protected function loadMarkupHTML($markup, $requestedCharset = null) @@ -378,7 +395,15 @@ protected function loadMarkupHTML($markup, $requestedCharset = null) ? $this->document->loadHTML($markup) : @$this->document->loadHTML($markup); */
$return = @$this->document->loadHTML($markup); // $return = @$this->document->loadHTML($markup); $return = @$this->document->loadHTML($markup, LIBXML_SCHEMA_CREATE | LIBXML_HTML_NOIMPLIED | LIBXML_HTML_NODEFDTD | LIBXML_NOERROR | LIBXML_NONET | LIBXML_NOWARNING );
if ($return) { $this->root = $this->document; @@ -763,6 +788,10 @@ private function documentFragmentLoadMarkup($fragment, $charset, $markup = null) .’<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" ' .’"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">’ .’<fake xmlns="http://www.w3.org/1999/xhtml">’.$markup.’</fake>’);
/* $fragment->loadMarkupXML(‘<?xml version="1.0" encoding="’.$charset.’"?>’*/ // . phpQuery::$defaultDoctype.’’ // .’<fake xmlns="http://www.w3.org/1999/xhtml">’.$markup.’</fake>’); $fragment->root = $fragment->document->firstChild->nextSibling; } else { $fragment->loadMarkupXML(‘<?xml version="1.0" encoding="’.$charset.’"?><fake>’.$markup.’</fake>’); @@ -5079,8 +5108,10 @@ abstract class phpQuery * * @var unknown_type */ public static $defaultDoctype = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" public static $defaultDoctype_old = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">’;
public static $defaultDoctype = '<!doctype html>’; public static $defaultCharset = 'UTF-8’;
/**
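Review bot: In the loadMarkupHTML hunk, the new `loadHTML($markup, LIBXML_SCHEMA_CREATE | LIBXML_HTML_NOIMPLIED | ...)` call passes LIBXML_SCHEMA_CREATE, which is an XSD-validation option with no documented meaning for the HTML parser; libxml option constants share one numeric space, so it is probably being interpreted as some unrelated HTML parser flag rather than ignored, which should be confirmed against the libxml headers before relying on it. Since documentCreate now sets `recover = false` and `strictErrorChecking = false` to stop malformed markup from being silently repaired into a different tree, an unintended flag here can quietly undo that hardening; I would drop it: `$return = @$this->document->loadHTML($markup, LIBXML_HTML_NOIMPLIED | LIBXML_HTML_NODEFDTD | LIBXML_NOERROR | LIBXML_NONET | LIBXML_NOWARNING);` with a comment such as `// NONET: never fetch external DTDs/entities; NOIMPLIED/NODEFDTD: parse fragments without synthesising html/body or a default doctype`. Errors are now silenced three ways (the `@`, LIBXML_NOERROR|LIBXML_NOWARNING, and `libxml_use_internal_errors(true)` in documentCreate), so when `$return` is false the caller gets no diagnostic; consider surfacing `libxml_get_errors()` on that path so rejected input is visible in logs. The body of loadMarkupHTML continues outside the hunk.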
Microweber versions 1.3.1 and prior are vulnerable to stored Cross-site Scripting (XSS). A patch is available on the 1.4, dev, and laravel-sail branches.