Fix stored XSS in invoice_items-ajax-cache.php
Ahmad Gneady committed Jul 3, 2021
1 parent 478e5a5 commit d74504b
Showing 8 changed files with 13 additions and 13 deletions.
2 changes: 1 addition & 1 deletion app/admin/incFunctions.php
Expand Up @@ -1457,7 +1457,7 @@ function html_attr($str) {
function html_attr_tags_ok($str) {
// use this instead of html_attr() if you don't want html tags to be escaped
$new_str = html_attr($str);
return str_replace(array('&lt;', '&gt;'), array('<', '>'), $new_str);
return str_replace(['&lt;', '&gt;'], ['<', '>'], $new_str);
}
#########################################################
class Notification{
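Review bot: html_attr_tags_ok restores every `<` and `>` that html_attr escaped, so its return value can still carry arbitrary element markup and is only safe to echo once a sanitiser has run on it (the templates in this commit do that with safe_html after calling it); the comment above the html_attr call should state that contract, e.g. `// output may contain raw tags; pass it through safe_html() before echoing it into HTML`. Whether html_attr also leaves quotes or other entities encoded cannot be seen here, so the comment should not promise more than the tag behaviour. The change in this hunk is only the array-syntax rewrite; html_attr and class Notification continue outside the hunk.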
2 changes: 1 addition & 1 deletion app/admin/pageServerStatus.php
@@ -1,6 +1,6 @@
<?php
$appgini_version = '6.0.1145';
$generated_ts = '3/7/2021 2:02:58 AM';
$generated_ts = '3/7/2021 2:25:50 AM';

$currDir = dirname(__FILE__);
require("{$currDir}/incCommon.php");
4 changes: 2 additions & 2 deletions app/templates/clients-ajax-cache.php
@@ -1,6 +1,6 @@
<?php
$rdata = array_map('to_utf8', array_map('nl2br', array_map('html_attr_tags_ok', $rdata)));
$jdata = array_map('to_utf8', array_map('nl2br', array_map('html_attr_tags_ok', $jdata)));
$rdata = array_map('to_utf8', array_map('safe_html', array_map('html_attr_tags_ok', $rdata)));
$jdata = array_map('to_utf8', array_map('safe_html', array_map('html_attr_tags_ok', $jdata)));
?>
<script>
$j(function() {
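Review bot: safe_html runs on the original bytes and to_utf8 is applied only afterwards, so the sanitiser may parse a different encoding from the one the browser finally receives; if safe_html assumes UTF-8 input, transcode first: `$rdata = array_map('safe_html', array_map('to_utf8', array_map('html_attr_tags_ok', $rdata)));` and the same for `$jdata`. The sanitised values feed the `<script>` block that opens on the last hunk line; how they are embedded there is outside the hunk, but HTML sanitisation alone does not make a value safe inside a JavaScript string literal, so confirm they reach the page via json_encode or only as DOM markup. The same pipeline is repeated in invoice_items-, invoices-, item_prices- and items-ajax-cache.php and the same ordering question applies to each.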
4 changes: 2 additions & 2 deletions app/templates/invoice_items-ajax-cache.php
@@ -1,6 +1,6 @@
<?php
$rdata = array_map('to_utf8', array_map('nl2br', array_map('html_attr_tags_ok', $rdata)));
$jdata = array_map('to_utf8', array_map('nl2br', array_map('html_attr_tags_ok', $jdata)));
$rdata = array_map('to_utf8', array_map('safe_html', array_map('html_attr_tags_ok', $rdata)));
$jdata = array_map('to_utf8', array_map('safe_html', array_map('html_attr_tags_ok', $jdata)));
?>
<script>
$j(function() {
4 changes: 2 additions & 2 deletions app/templates/invoices-ajax-cache.php
@@ -1,6 +1,6 @@
<?php
$rdata = array_map('to_utf8', array_map('nl2br', array_map('html_attr_tags_ok', $rdata)));
$jdata = array_map('to_utf8', array_map('nl2br', array_map('html_attr_tags_ok', $jdata)));
$rdata = array_map('to_utf8', array_map('safe_html', array_map('html_attr_tags_ok', $rdata)));
$jdata = array_map('to_utf8', array_map('safe_html', array_map('html_attr_tags_ok', $jdata)));
?>
<script>
$j(function() {
4 changes: 2 additions & 2 deletions app/templates/item_prices-ajax-cache.php
@@ -1,6 +1,6 @@
<?php
$rdata = array_map('to_utf8', array_map('nl2br', array_map('html_attr_tags_ok', $rdata)));
$jdata = array_map('to_utf8', array_map('nl2br', array_map('html_attr_tags_ok', $jdata)));
$rdata = array_map('to_utf8', array_map('safe_html', array_map('html_attr_tags_ok', $rdata)));
$jdata = array_map('to_utf8', array_map('safe_html', array_map('html_attr_tags_ok', $jdata)));
?>
<script>
$j(function() {
4 changes: 2 additions & 2 deletions app/templates/items-ajax-cache.php
@@ -1,6 +1,6 @@
<?php
$rdata = array_map('to_utf8', array_map('nl2br', array_map('html_attr_tags_ok', $rdata)));
$jdata = array_map('to_utf8', array_map('nl2br', array_map('html_attr_tags_ok', $jdata)));
$rdata = array_map('to_utf8', array_map('safe_html', array_map('html_attr_tags_ok', $rdata)));
$jdata = array_map('to_utf8', array_map('safe_html', array_map('html_attr_tags_ok', $jdata)));
?>
<script>
$j(function() {
2 changes: 1 addition & 1 deletion online-invoicing-system.axp

