

CVE-2022-3123: SECURITY fix difftype handling. #3761 · splitbrain/dokuwiki@63e9a24

Cross-site Scripting (XSS) - Reflected in GitHub repository splitbrain/dokuwiki prior to 2022-07-31a.


@@ -105,13 +105,14 @@ protected function handle() }
// requested diff view type $mode = '’; if ($INPUT->has(‘difftype’)) { $this->preference[‘difftype’] = $INPUT->str(‘difftype’); $mode = $INPUT->str(‘difftype’); } else { // read preference from DokuWiki cookie. PageDiff only $mode = get_doku_pref('difftype’, null); if (isset($mode)) $this->preference[‘difftype’] = $mode; } if(in_array($mode, [‘inline’,’sidebyside’])) $this->preference[‘difftype’] = $mode;
if (!$INPUT->has(‘rev’) && !$INPUT->has(‘rev2’)) { global $INFO, $REV; @@ -222,7 +223,7 @@ public function show()
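Review bot: The allow-list check `in_array($mode, ['inline','sidebyside'])` at the end of the first hunk runs without the strict flag and only overwrites `$this->preference['difftype']` when the value is accepted, while the `if ($INPUT->has('difftype'))` branch above it already stores the raw `$INPUT->str('difftype')` into that same preference, so a rejected value would be left in place rather than replaced (the +/- markers are lost in this rendering, so whether that early assignment survives on the new side cannot be confirmed from here). The safer shape assigns only after validation: `$mode = $INPUT->has('difftype') ? $INPUT->str('difftype') : get_doku_pref('difftype', null);` followed by `if (in_array($mode, ['inline', 'sidebyside'], true)) { $this->preference['difftype'] = $mode; }`, which also covers the cookie-sourced value. With that in place the `hsc()` added in show() (second hunk) is defense in depth rather than the only barrier. handle() continues outside the hunk.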
// display diff view table echo '<div class="table">’; echo '<table class="diff diff_’.$this->preference[‘difftype’] .’">’; echo '<table class="diff diff_’.hsc($this->preference[‘difftype’]) .’">’;
//navigation and header switch ($this->preference[‘difftype’]) {
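Review bot: Wrapping the preference in `hsc()` on the `<table class="diff diff_…">` line escapes this one attribute-context sink, but the protection is local to that echo; the `switch ($this->preference['difftype'])` that follows only compares the value, yet any other place in show() that emits `difftype` (not visible in this hunk) needs the same escaping or a guarantee from handle() that the value is one of the two known literals. The nested single/double quoting also makes the line hard to audit; `printf('<table class="diff diff_%s">', hsc($this->preference['difftype']));` is equivalent and keeps the escaping call visually attached to the interpolated value. show() continues outside the hunk.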
