CVE-2022-0986: Patch out XSS in edit server (#2471) · hestiacp/hestiacp@fd42196
Reflected Cross-site Scripting (XSS) Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.11.
Patch out XSS in edit server (#2471)
1 parent 91081b0 commit fd42196718a6fa7fe17b37fab0933d3cbcb3db0d
Showing with 5 additions and 1 deletion.
- +1 −0 web/edit/db/index.php
- +1 −0 web/edit/dns/index.php
- +1 −0 web/edit/mail/index.php
- +1 −0 web/edit/web/index.php
- +1 −1 web/templates/pages/edit_server.html
@@ -15,6 +15,7 @@
// Edit as someone else?
if (($_SESSION[‘userContext’] === ‘admin’) && (!empty($_GET[‘user’]))) {
$user=escapeshellarg($_GET[‘user’]);
$user_plain=htmlentities($_GET[‘user’]);
}
// List datbase
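Review bot: the added `htmlentities($_GET['user'])` should pass `ENT_QUOTES` explicitly; on PHP versions before 8.1 the default flags leave single quotes unencoded, so `$user_plain` would still break out of a single-quoted attribute. Suggest `htmlentities($_GET['user'], ENT_QUOTES, 'UTF-8')`.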
@@ -15,6 +15,7 @@
// Edit as someone else?
if (($_SESSION[‘userContext’] === ‘admin’) && (!empty($_GET[‘user’]))) {
$user=escapeshellarg($_GET[‘user’]);
$user_plain=htmlentities($_GET[‘user’]);
}
// List ip addresses
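Review bot: `$user_plain` is only assigned inside the admin branch, so on the non-admin path any template that switches from `$user` to `$user_plain` will read an undefined variable; initialise it before the `if` (from the same session value `$user` is taken from) so both paths carry an HTML-encoded username.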
@@ -15,6 +15,7 @@
// Edit as someone else?
if (($_SESSION[‘userContext’] === ‘admin’) && (!empty($_GET[‘user’]))) {
$user=escapeshellarg($_GET[‘user’]);
$user_plain=htmlentities($_GET[‘user’]);
}
$v_username = $user;
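Review bot: the context line `$v_username = $user;` still takes the `escapeshellarg()` value, which is quoted for the shell, not for HTML; if `$v_username` is echoed into the page it needs `$user_plain` (or a template-side `htmlentities()`), otherwise the new variable does not cover this path.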
@@ -16,6 +16,7 @@
// Edit as someone else?
if (($_SESSION[‘userContext’] === ‘admin’) && (!empty($_GET[‘user’]))) {
$user=escapeshellarg($_GET[‘user’]);
$user_plain=htmlentities($_GET[‘user’]);
}
// Get all user domains
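Review bot: this is the fourth copy of the same admin-context block; moving the `$user` / `$user_plain` derivation into a shared helper that every `web/edit/*/index.php` includes would keep the encoding in one place and avoid the next edit page missing it, as the server edit page did.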
@@ -857,7 +857,7 @@
<tr>
<td class="vst-text step-top">
<?=_(‘SSL Certificate’);?>
<span id="generate-csr"> / <a class="generate" target="_blank" href="/generate/ssl/?domain=<?=$v_hostname?>"><?=_(‘Generate CSR’);?></a></span>
<span id="generate-csr"> / <a class="generate" target="_blank" href="/generate/ssl/?domain=<?=htmlentities(trim($v_hostname,’"’));?>"><?=_(‘Generate CSR’);?></a></span>
</td>
</tr>
<tr>
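Review bot: for a value placed in a query string, `htmlentities()` alone is the wrong encoder; use `rawurlencode()` for the `domain=` parameter and then HTML-encode the attribute, e.g. `href="/generate/ssl/?domain=<?=htmlentities(rawurlencode(trim($v_hostname, '"')), ENT_QUOTES);?>"`. The `trim($v_hostname, '"')` also suggests the value arrives pre-quoted; stripping the quotes where `$v_hostname` is built rather than in the template would stop other uses inheriting them.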