Headline
CVE-2023-37307: fix: [layout:title] Make sure page titles are correctly formatted · MISP/MISP@286c84f
In MISP before 2.4.172, title_for_layout is not properly sanitized in Correlations, CorrelationExclusions, and Layouts.
Commit
fix: [layout:title] Make sure page titles are correctly formatted
Showing 6 changed files with 6 additions and 6 deletions.
- top_correlations.ctp
- over_correlations.ctp
- top.ctp
- default.ctp
- default.ctp
- error.ctp
2 changes: 1 addition & 1 deletion app/View/CorrelationExclusions/top_correlations.ctp
@@ -28,7 +28,7 @@
‘data_path’ => ‘Correlation.count’
]
],
‘title’ => empty($ajax) ? $title_for_layout : false,
‘title’ => empty($ajax) ? h($title_for_layout) : false,
‘description’ => empty($ajax) ? __(‘The values with the most correlation entries.’) : false,
‘pull’ => 'right’,
‘actions’ => [
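Review bot: wrapping `$title_for_layout` in `h()` at the call site is only correct if the shared `genericElements/IndexTable/index_table` element does not escape `title` again; the element's code is not in this diff, so please confirm it echoes `title` raw, otherwise a title containing `&` will render as `&amp;amp;`.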
2 changes: 1 addition & 1 deletion app/View/Correlations/over_correlations.ctp
@@ -63,7 +63,7 @@ echo $this->element('genericElements/IndexTable/index_table’, [
‘element’ => ‘boolean’
]
],
‘title’ => empty($ajax) ? $title_for_layout : false,
‘title’ => empty($ajax) ? h($title_for_layout) : false,
‘description’ => empty($ajax) ? __(‘The values with the most correlation entries.’) : false,
‘pull’ => 'right’,
‘actions’ => [
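Review bot: the `description` string `__('The values with the most correlation entries.')` is identical to the one in `top_correlations.ctp`, although this view is `over_correlations.ctp`; it looks copy-pasted, so check that the wording is intended for this page.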
2 changes: 1 addition & 1 deletion app/View/Correlations/top.ctp
@@ -43,7 +43,7 @@
‘class’ => ‘shortish’
]
],
‘title’ => empty($ajax) ? $title_for_layout : false,
‘title’ => empty($ajax) ? h($title_for_layout) : false,
‘description’ => empty($ajax) ? __(‘The values with the most correlation entries.’) : false,
‘pull’ => 'right’,
‘actions’ => [
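Review bot: this is the third view in the patch that applies the same `'title' => empty($ajax) ? h($title_for_layout) : false` fix inline; escaping `title` once inside the shared `index_table` element would cover every caller and avoid the next one being missed (adjusting these three call sites accordingly).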
2 changes: 1 addition & 1 deletion app/View/Layouts/Emails/html/default.ctp
@@ -19,7 +19,7 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN">
<html>
<head>
<title><?php echo $title_for_layout;?></title>
<title><?php echo h($title_for_layout);?></title>
</head>
<body>
<?php echo $this->fetch(‘content’);?>
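Review bot: the `<head>` of this HTML email declares no character set in the visible lines, unlike `error.ctp`, which calls `$this->Html->charset()`; since `h()` produces output for a specific encoding, consider adding the same charset declaration here. Leaving `$this->fetch('content')` unescaped is expected, as it is already-rendered view output.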
2 changes: 1 addition & 1 deletion app/View/Layouts/default.ctp
@@ -5,7 +5,7 @@
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width">
<link rel="shortcut icon" href="<?= $baseurl ?>/img/favicon.png">
<title><?= $title_for_layout, ' - ', h(Configure::read(‘MISP.title_text’) ?: ‘MISP’) ?></title>
<title><?= h($title_for_layout), ' - ', h(Configure::read(‘MISP.title_text’) ?: ‘MISP’) ?></title>
<?php
$css = [
['bootstrap’, [‘preload’ => true]],
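Review bot: both halves of the `<title>` are now escaped consistently, but `$baseurl` in the favicon `href` two lines above is still echoed raw; it comes from configuration rather than user input, so the risk is low, but wrapping it in `h()` would make the attribute context consistent with the rest of the head.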
2 changes: 1 addition & 1 deletion app/View/Layouts/error.ctp
@@ -24,7 +24,7 @@ $cakeDescription = __d('cake_dev’, 'CakePHP: the rapid development php framework
<?php echo $this->Html->charset(); ?>
<title>
<?php echo $cakeDescription ?>:
<?php echo $title_for_layout; ?>
<?php echo h($title_for_layout); ?>
</title>
<?php
echo $this->Html->meta(‘icon’);
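Review bot: `$cakeDescription` on the line before the fixed one is still echoed without `h()`; the hunk header shows it is a translated constant from `__d('cake_dev', ...)`, so it is not attacker-controlled, but escaping it as well keeps the whole `<title>` on one rule and avoids a surprise if the string is ever made configurable.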
0 comments on commit 286c84f
Related news
MISP version 2.4.171 suffers from a persistent cross-site scripting vulnerability.
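As an added defender-side check that is not part of this commit or of MISP: a small Python lint that reports template lines which output `$title_for_layout` without wrapping it in an escaping call. The template lines below are constructed to mirror the hunks above (they are not the real MISP files), and the escaper names are an assumption covering CakePHP's `h()` and the PHP built-ins.

```python
import re

# Constructed sample lines modelled on this commit's hunks (not the real files):
# two still echo the title raw, two use h(), one is an assignment, not output.
SAMPLE_TEMPLATES = {
    "Correlations/top.ctp": [
        "'title' => empty($ajax) ? $title_for_layout : false,",
    ],
    "Layouts/default.ctp": [
        "<title><?= $title_for_layout, ' - ', h(Configure::read('MISP.title_text') ?: 'MISP') ?></title>",
    ],
    "Layouts/error.ctp": [
        "<?php echo h($title_for_layout); ?>",
    ],
    "Layouts/Emails/html/default.ctp": [
        "<title><?php echo h( $title_for_layout );?></title>",
    ],
    "Controllerish/set_title.ctp": [
        "$title_for_layout = __('Top correlations');",
    ],
}

# Assumed set of acceptable escapers: CakePHP's h() plus the PHP built-ins.
ESCAPERS = ("h", "htmlspecialchars", "htmlentities")
VAR = re.compile(r"\$title_for_layout\b")
# Plain assignment (single '=') is a sink for the value, not an output site.
ASSIGN = re.compile(r"^\s*\$title_for_layout\s*=[^=]")
# Text immediately before the variable must end in "<escaper>(" (whitespace allowed).
ESC_TAIL = re.compile(r"(?<![\w$])(?:" + "|".join(ESCAPERS) + r")\(\s*$")


def is_escaped(line: str, pos: int) -> bool:
    """True if the variable starting at offset `pos` is the direct argument of an escaper."""
    return bool(ESC_TAIL.search(line[:pos]))


def find_unescaped(lines, path="<stdin>"):
    """Return (path, lineno, stripped line) for every raw output of the variable."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        if ASSIGN.match(line):
            continue
        for m in VAR.finditer(line):
            if not is_escaped(line, m.start()):
                findings.append((path, lineno, line.strip()))
    return findings


def scan(templates):
    """Run the lint over a {path: [lines]} mapping and collect all findings."""
    out = []
    for path, lines in templates.items():
        out.extend(find_unescaped(lines, path))
    return out


if __name__ == "__main__":
    for path, lineno, text in scan(SAMPLE_TEMPLATES):
        print(f"{path}:{lineno}: unescaped $title_for_layout -> {text}")
```

Run against a real checkout by feeding each `.ctp` file's lines to `find_unescaped`; a match means the title reaches HTML without `h()` on that line, which is exactly the pattern this commit fixes.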