composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-13 07:24:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

N°8201 - [CVE_Request]_Cross-Site-Script Reflected(XSS Reflected at the name="attr_installed" (Low or Medium)

Browse Source
This commit is contained in:
bdalsass
2025-05-23 10:06:01 +02:00
parent 81b20ee583
commit 13239c2751
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pages/UI.php
View File

@@ -1989,7 +1989,7 @@ catch(CoreException $e)
{
$oP->add("<h1>".Dict::S('UI:FatalErrorMessage')."</h1>\n");
}
$oP->error(Dict::Format('UI:Error_Details', $e->getHtmlDesc()));
$oP->error(Dict::Format('UI:Error_Details', Str::pure2html($e->getHtmlDesc())));
$oP->output();
if (MetaModel::IsLogEnabledIssue())
@@ -2025,7 +2025,7 @@ catch(Exception $e)
require_once(APPROOT.'/setup/setuppage.class.inc.php');
$oP = new ErrorPage(Dict::S('UI:PageTitle:FatalError'));
$oP->add("<h1>".Dict::S('UI:FatalErrorMessage')."</h1>\n");
$oP->error(Dict::Format('UI:Error_Details', $e->getMessage()));
$oP->error(Dict::Format('UI:Error_Details', Str::pure2html($e->getMessage())));
$oP->output();
if (MetaModel::IsLogEnabledIssue())