F34694831
01-T293556.patch
sbassett (Scott Bassett)
Authored By
sbassett
Oct 18 2021, 7:11 PM
2021-10-18 19:11:37 (UTC+0)
Size
1 KB
From c73d48de269faa7867827a9c340c8a9c4b01d7fc Mon Sep 17 00:00:00 2001
From: sbassett <sbassett@wikimedia.org>
Date: Mon, 18 Oct 2021 14:09:29 -0500
Subject: [PATCH] SECURITY: html-escape caption field data within mustache
template
Bug: T293556
---
templates/filepage/CaptionsPanel.mustache+dom | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/templates/filepage/CaptionsPanel.mustache+dom b/templates/filepage/CaptionsPanel.mustache+dom
index c6fe17b9..9b928736 100644
--- a/templates/filepage/CaptionsPanel.mustache+dom
+++ b/templates/filepage/CaptionsPanel.mustache+dom
@@ -5,7 +5,7 @@
<div class="wbmi-entityview-caption"{{^show}} style="display: none;"{{/show}}>
<div class="wbmi-language-label">{{{language}}}</div>
<div class="wbmi-caption-value{{#empty}} wbmi-entityview-emptyCaption{{/empty}}" dir="{{textDirection}}" lang="{{langCode}}">
- {{{caption}}}
+ {{caption}}
{{#inputError}}<div class="wbmi-caption-publishError">{{{inputError}}}</div>{{/inputError}}
{{#inputWarning}}<div class="wbmi-caption-publishWarning">{{inputWarning}}</div>{{/inputWarning}}
</div>
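Review bot: The unchanged context of this hunk still renders two values with the unescaped triple-brace form, `{{{language}}}` in the `wbmi-language-label` div and `{{{inputError}}}` in the `wbmi-caption-publishError` div, while the neighbouring `{{inputWarning}}` and the fixed `{{caption}}` are escaped. If either of those values can carry user-influenced text, switch it to the double-brace form in this same patch. If they are deliberately passed as trusted HTML, a short comment in the template saying so would stop the next reader from assuming they are safe by accident. It is also worth confirming that no caller escapes the caption before passing it in, since `{{caption}}` would then double-escape it and show literal entities in the caption.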
--
2.30.2
File Metadata
Mime Type
text/x-diff
Attached To
T293556: Stored XSS via WikibaseMediaInfo caption fields at commons.wikimedia.org (CVE-2021-46146)