From fc03c95f8309a19155279e33b9f57a2fe4c5756e Mon Sep 17 00:00:00 2001
From: lethanhphuc <31820707+noobpk@users.noreply.github.com>
Date: Fri, 3 Dec 2021 13:26:43 +0700
Subject: [PATCH] Using HTML `` tag when render icon_url (#1119)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* Using HTML `` tag when render icon_url
Fix stored XSS bug in icon_url
Disclosure: https://huntr.dev/bounties/e7ae5152-2997-461b-a783-c942a12589c2/
* Add `htmlspecialchars` for value in function `twig_img_tag` — Convert special characters to HTML entities
Using `img_tag` for render icon_url
---
src/bb-library/Box/TwigExtensions.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/bb-library/Box/TwigExtensions.php b/src/bb-library/Box/TwigExtensions.php
index 610033e32..794241b4b 100644
--- a/src/bb-library/Box/TwigExtensions.php
+++ b/src/bb-library/Box/TwigExtensions.php
@@ -181,7 +181,7 @@ function twig_asset_url(Twig\Environment $env, $asset)
function twig_img_tag($path, $alt = null)
{
$alt = is_null($alt) ? pathinfo($path, PATHINFO_BASENAME) : $alt;
- return sprintf('', $path, $alt, $alt);
+ return sprintf('', htmlspecialchars($path), htmlspecialchars($alt), htmlspecialchars($alt));
}
function twig_script_tag($path)
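Review bot: The three `htmlspecialchars()` calls on the new `return` line rely on the default flags, which before PHP 8.1 are `ENT_COMPAT` and leave a single quote (`'`) unescaped; if the attribute in the sprintf format is single-quoted, a `'` in `$path` or `$alt` can still terminate the attribute, and the format string is not legible in this excerpt so that cannot be confirmed here. Pass the flags and charset explicitly so the escaping does not depend on the runtime version or default_charset: `return sprintf('...', htmlspecialchars($path, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'), htmlspecialchars($alt, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'), htmlspecialchars($alt, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));` keeping the existing format string. `ENT_SUBSTITUTE` also prevents the function returning an empty string on invalid UTF-8 input, which would otherwise silently drop the attribute values. Note that attribute escaping covers the HTML context only; it does not validate that `$path` is a URL the template intends to load. `twig_script_tag` begins on the hunk's last line and its body is outside the hunk.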