Headline
CVE-2023-0791: fix: added missing escaping of newly added values · thorsten/phpMyFAQ@26663ef
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
@@ -243,6 +243,10 @@ class="btn btn-danger pmf-instance-delete" const admin = $(‘#admin’).val(); const password = $(‘#password’).val();
const escape = (unsafe) => { return unsafe.replaceAll('&’, ‘&’).replaceAll('<’, ‘<’).replaceAll('>’, ‘>’).replaceAll('"’, ‘"’).replaceAll(“’", ‘’’); }
$.ajax({ url: 'index.php’, type: 'GET’, @@ -256,8 +260,8 @@ class="btn btn-danger pmf-instance-delete” '<tr id="row-instance-' + data.added + ‘">’ + ‘<td>’ + data.added + ‘</td>’ + ‘<td><a href="’ + data.url + ‘">’ + data.url + ‘</a></td>’ + ‘<td>’ + instance + ‘</td>’ + ‘<td>’ + comment + ‘</td>’ + ‘<td>’ + escape(instance) + ‘</td>’ + ‘<td>’ + escape(comment) + ‘</td>’ + ‘<td>’ + ‘<a href="?action=editinstance&instance_id=’ + data.added + ‘" class="btn btn-info"><i aria-hidden="true" class="fa fa-pencil"></i></a>’ +
Related news
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.11.