Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F34890778
01-T298019.patch
Urbanecm_WMF (Martin Urbanec / Urbanecm)
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Authored By
Urbanecm_WMF
Dec 20 2021, 3:41 PM
2021-12-20 15:41:30 (UTC+0)
Size
1 KB
Referenced Files
None
Subscribers
None
01-T298019.patch
View Options
From 87e2e59ef429c15dc17857dc2a70c6d65eb39242 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gerg=C5=91=20Tisza?= <tgr.huwiki@gmail.com>
Date: Sun, 19 Dec 2021 23:09:44 -0800
Subject: [PATCH] SECURITY: Fix i18n XSS in SuggestedEdits
Bug: T298019
Change-Id: Iebf354ee90ec7212d8121edd97356d0e5e15e274
---
includes/HomepageModules/SuggestedEdits.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/includes/HomepageModules/SuggestedEdits.php b/includes/HomepageModules/SuggestedEdits.php
index 524eea45..2d01ba78 100644
--- a/includes/HomepageModules/SuggestedEdits.php
+++ b/includes/HomepageModules/SuggestedEdits.php
@@ -486,7 +486,7 @@ class SuggestedEdits extends BaseModule {
if ( $showTaskPreview ) {
$taskPager = $this->getContext()->msg( 'growthexperiments-homepage-suggestededits-pager' )
->numParams( 1, $tasks->getTotalCount() )
- ->text();
+ ->parse();
$button = new ButtonWidget( [
'label' => $this->getContext()->msg(
'growthexperiments-homepage-suggestededits-mobilesummary-footer-button' )->text(),
--
2.20.1
File Metadata
Details
Attached
Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
9308441
Default Alt Text
01-T298019.patch (1 KB)
Attached To
Mode
T298019: i18n XSS in GrowthExperiments suggested edits pager (CVE-2022-28326)
Attached
Detach File
Event Timeline
Log In to Comment