(Retrofit from trunk) Fixed XSS vulnerability

SVN:2.3[4387]
Romain Quetiez
2016-09-06 10:06:22 +00:00
parent a222f296ef
commit b8e4f3d762


@@ -204,7 +204,7 @@ function DisplayStep2(SetupPage $oP, $sFrom, $sTo)
//$sNextOperation = 'step3';
$oP->add("<h1>iTop configuration wizard</h1>\n");
$oP->add("<h2>Step 2: send an email</h2>\n");
$oP->add("<p>Sending an email to '$sTo'... (From: '$sFrom')</p>\n");
$oP->add("<p>Sending an email to '".htmlentities($sTo, ENT_QUOTES, 'utf-8')."'... (From: '".htmlentities($sFrom, ENT_QUOTES, 'utf-8')."')</p>\n");
$oP->add("<form method=\"post\">\n");
$oEmail = new Email();
@@ -236,7 +236,7 @@ function DisplayStep2(SetupPage $oP, $sFrom, $sTo)
case EMAIL_SEND_ERROR:
foreach ($aIssues as $sError)
{
$oP->error($sError);
$oP->error(htmlentities($sError, ENT_QUOTES, 'utf-8'));
}
$oP->add("<button onClick=\"window.history.back();\"><< Back</button>\n");
break;
@@ -279,7 +279,7 @@ try
}
catch(Exception $e)
{
$oP->error("Error: '".$e->getMessage()."'");
$oP->error("Error: '".htmlentities($e->getMessage(), ENT_QUOTES, 'utf-8')."'");
}
catch(CoreException $e)
{
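Review bot: The new escaping in the first hunk, `htmlentities($sTo, ENT_QUOTES, 'utf-8')` and the matching `$sFrom` call, passes `ENT_QUOTES` alone, so a value that is not valid UTF-8 makes htmlentities() return an empty string and the address silently vanishes from the page; `htmlentities($sTo, ENT_QUOTES | ENT_SUBSTITUTE, 'utf-8')` keeps the text visible while still neutralising markup, and the same applies to the `$oP->error(htmlentities(...))` lines in the second and third hunks. Whether `SetupPage::error()` already escapes its argument is not visible here; if it does, those two calls now double-encode the message, so check its definition before relying on the escaping at these call sites. Since the identical `htmlentities(..., ENT_QUOTES, 'utf-8')` expression now appears four times in this commit, a small wrapper method on the page class would keep the flags and charset in one place. Both DisplayStep2 and the try/catch in the third hunk continue outside the lines shown.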