gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-06-18 02:59:27 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix security issue CVE-2020-28726

Browse Source 
escape input form field value
This commit is contained in:
Uwe Steinmann 2020-11-24 08:23:23 +01:00
parent 386e37db0d
commit 877844cbba
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG
View File

@ -14,6 +14,8 @@
- theme in configuration can override theme of user - theme in configuration can override theme of user
- saving the settings will no longer reenable an extention with no configuration - saving the settings will no longer reenable an extention with no configuration
- put a red/green bullet before the extension name in the settings - put a red/green bullet before the extension name in the settings
- escape value of dropfolderfile in input form field created by
SeedDMS_Bootstrap_Style::getDropFolderChooserHtml() (CVE-2020-2872)
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
Changes in version 5.1.20 Changes in version 5.1.20

2
views/bootstrap/class.Bootstrap.php
View File

@ -1669,7 +1669,7 @@ $(document).ready(function() {
function getDropFolderChooserHtml($formName, $dropfolderfile="", $showfolders=0) { /* {{{ */ function getDropFolderChooserHtml($formName, $dropfolderfile="", $showfolders=0) { /* {{{ */
$content = "<div class=\"input-append\">\n"; $content = "<div class=\"input-append\">\n";
$content .= "<input readonly type=\"text\" id=\"dropfolderfile".$formName."\" name=\"dropfolderfile".$formName."\" value=\"".$dropfolderfile."\">"; $content .= "<input readonly type=\"text\" id=\"dropfolderfile".$formName."\" name=\"dropfolderfile".$formName."\" value=\"".htmlspecialchars($dropfolderfile)."\">";
$content .= "<button type=\"button\" class=\"btn\" id=\"clearfilename".$formName."\"><i class=\"fa fa-remove\"></i></button>"; $content .= "<button type=\"button\" class=\"btn\" id=\"clearfilename".$formName."\"><i class=\"fa fa-remove\"></i></button>";
$content .= $this->getModalBoxLink( $content .= $this->getModalBoxLink(
array( array(