CVE-2022-31889: xss: Audit Log · osTicket/osTicket-plugins@047a1c3
Cross Site Scripting (XSS) vulnerability in audit/templates/auditlogs.tmpl.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae.
@@ -3,18 +3,18 @@
$qs = array();
if($_REQUEST[‘type’])
$qs += array(‘type’ => $_REQUEST[‘type’]);
$qs += array(‘type’ => Format::htmlchars($_REQUEST[‘type’]));
$type=’D’;
if ($_REQUEST[‘type’])
$type=$_REQUEST[‘type’];
$type=Format::htmlchars($_REQUEST[‘type’]);
if($_REQUEST[‘state’])
$qs += array(‘state’ => $_REQUEST[‘state’]);
$qs += array(‘state’ => Format::htmlchars($_REQUEST[‘state’]));
$state=__(‘All’);
if ($_REQUEST[‘state’])
$state=$_REQUEST[‘state’];
$state=Format::htmlchars($_REQUEST[‘state’]);
//dates
$startTime =($_REQUEST[‘startDate’] && (strlen($_REQUEST[‘startDate’])>=8))?strtotime($_REQUEST[‘startDate’]):0;
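Review bot: Format::htmlchars() is applied where the request values are read (the $qs entries and the $type/$state assignments) rather than where they are rendered, so the HTML-escaped strings are then handed to Http::build_query($qs) and URL-encoded a second time: a type of `a&b` arrives in the follow-up request as `a&amp;b`, and the escaped $type/$state also flow into any non-HTML use later in the template. Keep the raw values in $qs, $type and $state and call Format::htmlchars() at the echo sites instead. Minor: the `if ($_REQUEST['type'])` / `if ($_REQUEST['state'])` reads still have no isset() guard, so an absent parameter raises an undefined-index notice before the escaping runs.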
@@ -28,7 +28,7 @@
if($endTime)
$qs += array(‘endDate’ => $_REQUEST[‘endDate’]);
}
$order = AuditEntry::getOrder($_REQUEST[‘order’]);
$order = AuditEntry::getOrder(Format::htmlchars($_REQUEST[‘order’]));
$qs += array(‘order’ => (($order==’DESC’) ? ‘ASC’ : ‘DESC’));
$qstr = '&’. Http::build_query($qs);
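Review bot: HTML-escaping `$_REQUEST['order']` before `AuditEntry::getOrder(...)` does not address the SQL injection reported against that same parameter (see Related news): htmlchars rewrites `<`, `>`, `&` and quotes but leaves SQL keywords, commas and parentheses intact, and an ORDER BY fragment needs none of the escaped characters. The only values this template expects are the two compared at `$order==’DESC’`, so getOrder() should reduce its argument to an allowlist of 'ASC'/'DESC' with a fixed default rather than relying on escaping here. The `endDate` entry at `$qs += array(‘endDate’ => $_REQUEST[‘endDate’])` is also left raw while type/state are escaped; it is safe only because Http::build_query URL-encodes it, which is the same reason type/state did not need escaping at this point.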
Related news
SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function.
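The two defenses these fixes call for, escaping at the HTML output site and allowlisting the sort direction before it reaches a query, as an added illustration that is not osTicket code. It assumes a plain-PHP template; `render_filter_links()`, `sort_direction()` and `h()` are hypothetical names, and the request array at the bottom is constructed sample input.

```php
<?php
// Added illustration, not osTicket's code: escape-at-output and an
// allowlisted ORDER BY direction. Helper names are hypothetical.

// Reduce a sort-direction parameter to the only two values a query may use.
// Anything else (including SQL fragments) falls back to the default.
function sort_direction(?string $requested, string $default = 'DESC'): string
{
    $allowed = ['ASC', 'DESC'];
    $dir = strtoupper(trim((string) $requested));
    return in_array($dir, $allowed, true) ? $dir : $default;
}

// Escape for an HTML context at the point of output; the raw value stays
// available for non-HTML destinations (query strings, query parameters).
function h(?string $s): string
{
    return htmlspecialchars((string) $s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Build the re-sort link the way the template does, encoding each value once
// for its destination: URL-encoding inside the href, HTML-escaping for text.
function render_filter_links(array $request): string
{
    $type  = $request['type']  ?? 'D';
    $state = $request['state'] ?? 'All';
    $order = sort_direction($request['order'] ?? null);

    // Raw values go into the query string; http_build_query percent-encodes them.
    $qs = http_build_query([
        'type'  => $type,
        'state' => $state,
        'order' => ($order === 'DESC') ? 'ASC' : 'DESC',
    ]);

    // The href is an HTML attribute, so the URL-encoded string is escaped once
    // more for HTML; the visible labels are escaped for HTML directly.
    return '<a href="?' . h($qs) . '">'
         . h($type) . ' / ' . h($state) . '</a>';
}

// Constructed sample input: an XSS probe in "type" and a non-direction
// value in "order". Neither reaches the markup or a query unchanged.
$sample = [
    'type'  => '"><script>alert(1)</script>',
    'state' => 'open',
    'order' => 'DESC, (SELECT 1)',
];
echo render_filter_links($sample), PHP_EOL;
```

The `order` value never becomes part of SQL text as supplied: `sort_direction()` returns `DESC` for the probe, so the link toggles to `ASC`. The `type` probe is percent-encoded in the href and entity-encoded in the link text, and because `$qs` holds the raw value the round trip does not double-encode it.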