
[fix] fixed XSS vulnerability in meeting title and added purifier on database update

tags/v1.8.2.5
ZiebaM 3 years ago
parent
commit
33c16b7a3d
2 changed files with 7 additions and 0 deletions
  1. +3
    -0
      modules/CRM/Meeting/MeetingCommon_0.php
  2. +4
    -0
      modules/Utils/RecordBrowser/RecordBrowserCommon_0.php

+ 3
- 0
modules/CRM/Meeting/MeetingCommon_0.php View File

@@ -320,6 +320,9 @@ class CRM_MeetingCommon extends ModuleCommon {
return CRM_ContactsCommon::display_contacts_with_notification('crm_meeting', $record, $nolink, $desc);
}
public static function display_title($record, $nolink=false) {
Utils_SafeHtml_SafeHtml::setSafeHtml(new Utils_SafeHtml_HtmlPurifier());
$record['title'] = Utils_SafeHtml_SafeHtml::outputSafeHtml($record['title']);
$record['description'] = Utils_SafeHtml_SafeHtml::outputSafeHtml($record['description']);
$ret = Utils_RecordBrowserCommon::create_linked_label_r('crm_meeting', 'Title', $record, $nolink);
if (isset($record['description']) && $record['description']!='') $ret = '<span '.Utils_TooltipCommon::open_tag_attrs(Utils_RecordBrowserCommon::format_long_text($record['description']), false).'>'.$ret.'</span>';
return $ret;
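Review bot: The unconditional assignment `$record['description'] = Utils_SafeHtml_SafeHtml::outputSafeHtml($record['description']);` reads the key before the `isset($record['description'])` guard two lines later can test it, so a record with no description now raises an undefined-index notice and the `isset` half of that guard is decided by whatever outputSafeHtml returns for null rather than by the record. Guard the purification the same way the tooltip is guarded: `if (isset($record['description'])) $record['description'] = Utils_SafeHtml_SafeHtml::outputSafeHtml($record['description']);`. Separately, a meeting title is plain text rather than rich HTML, so context-specific escaping (`htmlspecialchars($record['title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`) is the more precise output control than a purifier, which still renders benign markup typed into a title. The `setSafeHtml(new Utils_SafeHtml_HtmlPurifier())` call constructs a purifier and replaces process-wide static state on every render of a title; the same pattern appears in the RecordBrowserCommon_0.php hunk, and configuring it once (for example lazily inside Utils_SafeHtml_SafeHtml) would remove both the per-call cost and the hidden coupling between callers. display_title's closing brace is outside the hunk.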


+ 4
- 0
modules/Utils/RecordBrowser/RecordBrowserCommon_0.php View File

@@ -1377,6 +1377,10 @@ class Utils_RecordBrowserCommon extends ModuleCommon {
if (is_bool($values[$desc['id']])) $values[$desc['id']] = $values[$desc['id']]?1:0;
$vals[] = $values[$desc['id']];
}
Utils_SafeHtml_SafeHtml::setSafeHtml(new Utils_SafeHtml_HtmlPurifier());
foreach ($vals as $k => $v) {
$vals[$k] = Utils_SafeHtml_SafeHtml::outputSafeHtml($v);
}
DB::Execute('INSERT INTO '.$tab.'_data_1 ('.$fields.') VALUES ('.$fields_types.')',$vals);
$id = DB::Insert_ID($tab.'_data_1', 'id');
if ($user) self::add_recent_entry($tab, $user, $id);
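Review bot: The loop `foreach ($vals as $k => $v) { $vals[$k] = Utils_SafeHtml_SafeHtml::outputSafeHtml($v); }` runs the HTML purifier over every column being inserted, including the bool-to-int values produced on the line just above it and any numeric, date or reference columns, so non-HTML data is rewritten on the way in (a plain-text value such as `a < b` ends up stored entity-encoded) and is then served in that form to every non-HTML consumer of the table. Limit the sanitisation to fields whose descriptor marks them as text — the `$desc` array in the loop above is presumably where that type lives, worth confirming — and keep the escaping at the output site, which display_title in the other hunk already does; purification at storage is a secondary layer, not a substitute for output encoding. The commit message says "on database update", but this hunk is the INSERT path; whether an update path with an equivalent `DB::Execute` is covered cannot be seen from this page. The enclosing function starts and ends outside the hunk.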

