F34960379
0001-SECURITY-HTML-escape-string-values.patch
Lucas_Werkmeister_WMDE (Lucas Werkmeister (WMDE))
Authored By
Lucas_Werkmeister_WMDE
Feb 21 2022, 10:04 AM
2022-02-21 10:04:39 (UTC+0)
Size
813 B
From 7a20ee77ad35c36d4824c59e17f88d445f8e5f65 Mon Sep 17 00:00:00 2001
From: Lucas Werkmeister <lucas.werkmeister@wikimedia.de>
Date: Mon, 21 Feb 2022 10:54:08 +0100
Subject: [PATCH] SECURITY: HTML-escape string values
Bug: T302192
---
includes/JCTabularContentView.php | 2 ++
1 file changed, 2 insertions(+)
diff --git a/includes/JCTabularContentView.php b/includes/JCTabularContentView.php
index b5aa8fd..87c32ce 100644
--- a/includes/JCTabularContentView.php
+++ b/includes/JCTabularContentView.php
@@ -132,6 +132,8 @@ public function valueToHtml(
} elseif ( $column === null ) {
$header['class'] = 'mw-tabular-value-null';
$column = '';
+ } else {
+ $column = htmlspecialchars( $column );
}
$vals[] = Html::rawElement( 'td', $header, $column );
}
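Review bot: The new `else` branch assumes `$column` is already a string when it reaches `htmlspecialchars( $column )`, but nothing in the visible context guarantees that; a non-string value arriving here (a number, bool or array) would be coerced or, under strict_types, raise a TypeError, so consider an explicit `(string) $column` cast or a type check before escaping, and add a regression test that feeds a value containing angle brackets and quotes through valueToHtml() to lock the escaping in. Since the escaped value is still handed to `Html::rawElement( 'td', $header, $column )` on the following line, a one-line comment stating that every earlier branch is expected to yield trusted HTML (or switching this branch to `Html::element()`, which escapes for you) would make the trust boundary clearer to the next reader.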
--
2.32.0
Attached To
T302192: Data fields in Commons tabular datasets allow running arbitrary JS (CVE-2022-28210)