diff --git a/CHANGELOG.md b/CHANGELOG.md
index d7cb587a8a..bfe2cf58d7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,8 @@
See [Upgrading] for details on how to upgrade.
+- Fix Multiple Stored XSS in Administration allowing execution of arbitrary JavaScript code, #1260
+
[3.10.9]: https://github.com/eventum/eventum/compare/v3.10.8...master
## [3.10.8] - 2021-11-10
diff --git a/templates/adv_search.tpl.html b/templates/adv_search.tpl.html
index c7e91945b5..ced3469253 100644
--- a/templates/adv_search.tpl.html
+++ b/templates/adv_search.tpl.html
@@ -372,7 +372,7 @@
{if $core.current_role < $core.roles.manager and $custom[i].cst_is_global}
{$custom[i].cst_title}
{else}
- {$custom[i].cst_title}
+ {$custom[i].cst_title|escape:"html"}
{/if}
{if $custom[i].cst_is_global}({t}global filter{/t}){/if}
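Review bot: The first branch of the `{if}` at the top of this hunk still emits `{$custom[i].cst_title}` without a modifier, so the stored title reaches the page raw whenever the current role is below manager and the filter is global; only the `{else}` branch was escaped. Both branches render the same stored value, so the first should read `{$custom[i].cst_title|escape:"html"}` as well. The surrounding markup was stripped from this view, so I cannot see how the two branches differ in wrapping, but the variable itself is clearly unescaped in the first.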
diff --git a/templates/custom_fields.tpl.html b/templates/custom_fields.tpl.html
index 186281feb3..e530546714 100644
--- a/templates/custom_fields.tpl.html
+++ b/templates/custom_fields.tpl.html
@@ -11,7 +11,7 @@
{section name="i" loop=$custom_fields}
- {$custom_fields[i].fld_title}
+ {$custom_fields[i].fld_title|escape:"html"}
|
{if $custom_fields[i].fld_type == 'textarea'}
diff --git a/templates/edit_custom_fields.tpl.html b/templates/edit_custom_fields.tpl.html
index c8254cb056..9ded01a760 100644
--- a/templates/edit_custom_fields.tpl.html
+++ b/templates/edit_custom_fields.tpl.html
@@ -18,11 +18,11 @@
|
- {$custom_fields[i].fld_title}{if $cf_required} *{/if}
+ {$custom_fields[i].fld_title|escape:"html"}{if $cf_required} *{/if}
|
{if $custom_fields[i].fld_type == 'text'}
diff --git a/templates/faq.tpl.html b/templates/faq.tpl.html
index ceb6813889..33029115e9 100644
--- a/templates/faq.tpl.html
+++ b/templates/faq.tpl.html
@@ -34,7 +34,7 @@
|
{section name="i" loop=$faqs}
- {$faqs[i].faq_title} |
+ {$faqs[i].faq_title|escape:"html"} |
{$faqs[i].faq_updated_date|timeago} |
{/section}
diff --git a/templates/include/new_form.tpl.html b/templates/include/new_form.tpl.html
index b7a4ac0751..d0d3c0533d 100644
--- a/templates/include/new_form.tpl.html
+++ b/templates/include/new_form.tpl.html
@@ -47,7 +47,7 @@
{t}Create New Issue{/t}
-
+
|
{if $cats|@count > 0 && $core.current_role >= $field_display_settings.category.min_role}
diff --git a/templates/latest_news.tpl.html b/templates/latest_news.tpl.html
index 8e855a3ae1..603c4ad990 100644
--- a/templates/latest_news.tpl.html
+++ b/templates/latest_news.tpl.html
@@ -9,7 +9,7 @@
{section name="i" loop=$news}
- {$news[i].nws_created_date|timeago} - {$news[i].nws_title}
+ {$news[i].nws_created_date|timeago} - {$news[i].nws_title|escape:"html"}
{$news[i].nws_message|activateLinks:"links"}
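Review bot: The message body on the last line of this hunk, `{$news[i].nws_message|activateLinks:"links"}`, is still emitted without `|escape`, and since `activateLinks` presumably produces anchor markup it cannot simply be escaped afterwards. Whether this is safe depends on the modifier escaping its input before it inserts the links, which is not visible here; it is worth confirming, given that `nws_title` on the same row was judged to need escaping. If the modifier does not escape, the fix belongs inside it rather than in this template.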
diff --git a/templates/list.tpl.html b/templates/list.tpl.html
index 07be2b3e24..43183cc83d 100644
--- a/templates/list.tpl.html
+++ b/templates/list.tpl.html
@@ -105,13 +105,13 @@
{elseif $field_name == 'sev_rank'}
{$list[i].sev_title|escape:"html"}
{elseif $field_name == 'grp_name'}
- {$list[i].grp_name}
+ {$list[i].grp_name|escape:"html"}
{elseif $field_name == 'assigned'}
- {$list[i].assigned_users}
+ {$list[i].assigned_users|escape:"html"}
{elseif $field_name == 'time_spent'}
{$list[i].time_spent}
{elseif $field_name == 'prc_title'}
- {$list[i].prc_title}
+ {$list[i].prc_title|escape:"html"}
{elseif $field_name == 'pre_title'}
{$list[i].pre_title|escape:"html"}
{elseif $field_name == 'iss_customer_id'}
diff --git a/templates/manage/anonymous.tpl.html b/templates/manage/anonymous.tpl.html
index 0411a6d41c..5606a616d4 100644
--- a/templates/manage/anonymous.tpl.html
+++ b/templates/manage/anonymous.tpl.html
@@ -61,7 +61,7 @@
|
{t}Anonymous Reporting of New Issues{/t}
- ({t}Current Project{/t}: {$project.prj_title})
+ ({t}Current Project{/t}: {$project.prj_title|escape:"html"})
|
diff --git a/templates/manage/categories.tpl.html b/templates/manage/categories.tpl.html
index 7b4c4d5505..709120cd24 100644
--- a/templates/manage/categories.tpl.html
+++ b/templates/manage/categories.tpl.html
@@ -47,7 +47,7 @@
{t}Manage Categories{/t}
- ({t}Current Project{/t}: {$project.prj_title})
+ ({t}Current Project{/t}: {$project.prj_title|escape:"html"})
|
@@ -56,7 +56,7 @@
{t}Title{/t}: *
-
+
{include file="error_icon.tpl.html" field="title"}
|
@@ -90,7 +90,7 @@
|
- {$list[i].prc_title}
+ {$list[i].prc_title|escape:"html"}
|
{sectionelse}
diff --git a/templates/manage/column_display.tpl.html b/templates/manage/column_display.tpl.html
index d05250462d..6b84a8118f 100644
--- a/templates/manage/column_display.tpl.html
+++ b/templates/manage/column_display.tpl.html
@@ -15,7 +15,7 @@
{t}Manage Columns to Display{/t} {include file="help_link.tpl.html" topic="column_display"}
- ({t}Current Project{/t}: {$project_name})
+ ({t}Current Project{/t}: {$project_name|escape:"html"})
|
diff --git a/templates/manage/custom_fields.tpl.html b/templates/manage/custom_fields.tpl.html
index 1e2f33d293..ac881e4660 100644
--- a/templates/manage/custom_fields.tpl.html
+++ b/templates/manage/custom_fields.tpl.html
@@ -220,7 +220,7 @@
{t}Title{/t}
-
+
{include file="error_icon.tpl.html" field="title"}
|
@@ -229,7 +229,7 @@
{t}Short Description{/t}
-
+
({t}it will show up by the side of the field{/t})
|
@@ -419,16 +419,16 @@
{rank_icon href="{$core.rel_url}manage/custom_fields.php?cat=change_rank&id={$list[i].fld_id}&direction=-1" direction="up"}
- {$list[i].fld_title}
+ {$list[i].fld_title|escape:"html"}
|
- {$list[i].projects}
+ {$list[i].projects|escape:"html"}
|
- {$list[i].min_role_name}
+ {$list[i].min_role_name|escape:"html"}
|
- {$list[i].min_role_edit_name}
+ {$list[i].min_role_edit_name|escape:"html"}
|
{if $list[i].fld_type == 'combo'}{t}Combo Box{/t}{elseif $list[i].fld_type == 'multiple'}{t}Multiple Combo Box{/t}{elseif $list[i].fld_type == 'textarea'}{t}Textarea{/t}{elseif $list[i].fld_type == 'date'}{t}Date{/t}{elseif $list[i].fld_type == 'integer'}{t}Integer{/t}{elseif $list[i].fld_type == 'checkbox'}Checkbox{else}{t}Text Input{/t}{/if}
diff --git a/templates/manage/email_accounts.tpl.html b/templates/manage/email_accounts.tpl.html
index ed85d26502..70a0131bcb 100644
--- a/templates/manage/email_accounts.tpl.html
+++ b/templates/manage/email_accounts.tpl.html
@@ -244,7 +244,7 @@
{section name="i" loop=$list}
|
|
- {$list[i].prj_title} |
+ {$list[i].prj_title|escape:"html"} |
{$list[i].ema_hostname|escape:"html"} |
{$list[i].ema_type} |
diff --git a/templates/manage/email_responses.tpl.html b/templates/manage/email_responses.tpl.html
index 312502fc54..e2ae6e4e66 100644
--- a/templates/manage/email_responses.tpl.html
+++ b/templates/manage/email_responses.tpl.html
@@ -115,7 +115,7 @@
|
- {$list[i].ere_title}
+ {$list[i].ere_title|escape:"html"}
|
{$list[i].projects|escape:"html"}
diff --git a/templates/manage/groups.tpl.html b/templates/manage/groups.tpl.html
index 564e1d900f..5c7137e9f0 100644
--- a/templates/manage/groups.tpl.html
+++ b/templates/manage/groups.tpl.html
@@ -73,7 +73,7 @@
{t}Name{/t} *
|
-
+
{include file="error_icon.tpl.html" field="group_name"}
|
@@ -82,7 +82,7 @@
{t}Description{/t}
-
+
{include file="error_icon.tpl.html" field="description"}
|
@@ -155,16 +155,16 @@
- {$list[i].grp_name}
+ {$list[i].grp_name|escape:"html"}
|
- {$list[i].grp_description}
+ {$list[i].grp_description|escape:"html"}
|
- {$list[i].manager}
+ {$list[i].manager|escape:"html"}
|
- {", "|join:$list[i].projects}
+ {", "|join:$list[i].projects|escape:"html"}
|
{sectionelse}
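Review bot: The new line `{", "|join:$list[i].projects|escape:"html"}` is correct under Smarty's left-to-right modifier chaining (escape runs on the joined string), but it reads as if `escape` were applied to the `join` parameter rather than the result. The same spelling appears in link_filters.tpl.html for `project_names`. A clearer form names the joined value first, e.g. `{assign var="grp_projects" value=", "|join:$list[i].projects}{$grp_projects|escape:"html"}`, so a later reader does not have to know the precedence rule to see that the output is escaped.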
diff --git a/templates/manage/issue_auto_creation.tpl.html b/templates/manage/issue_auto_creation.tpl.html
index e783a9d580..aa61d3164c 100644
--- a/templates/manage/issue_auto_creation.tpl.html
+++ b/templates/manage/issue_auto_creation.tpl.html
@@ -50,7 +50,7 @@
{t}Auto-Creation of Issues{/t}
- ({t}Associated Project{/t}: {$prj_title})
+ ({t}Associated Project{/t}: {$prj_title|escape:"html"})
|
diff --git a/templates/manage/link_filters.tpl.html b/templates/manage/link_filters.tpl.html
index 595c3adc7a..456644db61 100644
--- a/templates/manage/link_filters.tpl.html
+++ b/templates/manage/link_filters.tpl.html
@@ -150,13 +150,13 @@
{$list[i].lfi_replacement|escape:"html"}
- {$list[i].lfi_description}
+ {$list[i].lfi_description|escape:"html"}
|
- {$list[i].min_usr_role_name}
+ {$list[i].min_usr_role_name|escape:"html"}
|
- {", "|join:$list[i].project_names}
+ {", "|join:$list[i].project_names|escape:"html"}
|
{sectionelse}
diff --git a/templates/manage/news.tpl.html b/templates/manage/news.tpl.html
index a28869396e..54f5f54697 100644
--- a/templates/manage/news.tpl.html
+++ b/templates/manage/news.tpl.html
@@ -133,7 +133,7 @@
|
- {$list[i].nws_title}
+ {$list[i].nws_title|escape:"html"}
|
{$list[i].projects|escape:"html"}
diff --git a/templates/manage/phone_categories.tpl.html b/templates/manage/phone_categories.tpl.html
index 6a2eb5419f..f0d14cad81 100644
--- a/templates/manage/phone_categories.tpl.html
+++ b/templates/manage/phone_categories.tpl.html
@@ -46,7 +46,7 @@
|
{t}Manage Phone Support Categories{/t}
- ({t}Current Project{/t}: {$project.prj_title})
+ ({t}Current Project{/t}: {$project.prj_title|escape:"html"})
|
@@ -54,7 +54,7 @@
{t}Title{/t}: *
-
+
{include file="error_icon.tpl.html" field="title"}
|
@@ -88,7 +88,7 @@
|
- {$list[i].phc_title}
+ {$list[i].phc_title|escape:"html"}
|
{sectionelse}
diff --git a/templates/manage/priorities.tpl.html b/templates/manage/priorities.tpl.html
index 55f7f02de4..a7e3fcc50d 100644
--- a/templates/manage/priorities.tpl.html
+++ b/templates/manage/priorities.tpl.html
@@ -79,7 +79,7 @@
{t}Manage Priorities{/t}
- ({t}Current Project{/t}: {$project.prj_title})
+ ({t}Current Project{/t}: {$project.prj_title|escape:"html"})
|
@@ -88,7 +88,7 @@
{t}Title{/t}: *
-
+
{include file="error_icon.tpl.html" field="title"}
|
@@ -154,7 +154,7 @@
{if $list[i].pri_icon > 0}{/if}
- {$list[i].pri_title}
+ {$list[i].pri_title|escape:"html"}
|
{sectionelse}
diff --git a/templates/manage/products.tpl.html b/templates/manage/products.tpl.html
index 44563fd784..9b3885a11c 100644
--- a/templates/manage/products.tpl.html
+++ b/templates/manage/products.tpl.html
@@ -57,7 +57,7 @@
{t}Title{/t} *
-
+
{include file="error_icon.tpl.html" field="title"}
|
diff --git a/templates/manage/projects.tpl.html b/templates/manage/projects.tpl.html
index 5f37827f42..c1916e6059 100644
--- a/templates/manage/projects.tpl.html
+++ b/templates/manage/projects.tpl.html
@@ -271,7 +271,7 @@
{section name="i" loop=$list}
- {$list[i].prj_title}
+ {$list[i].prj_title|escape:"html"}
|
{$list[i].usr_full_name|escape:html} |
{$list[i].prj_status|capitalize} |
diff --git a/templates/manage/releases.tpl.html b/templates/manage/releases.tpl.html
index 864a2e6ba4..a8ead43108 100644
--- a/templates/manage/releases.tpl.html
+++ b/templates/manage/releases.tpl.html
@@ -47,7 +47,7 @@
{t}Manage Releases{/t}
- ({t}Current Project{/t}: {$project.prj_title})
+ ({t}Current Project{/t}: {$project.prj_title|escape:"html"})
|
@@ -56,7 +56,7 @@
{t}Title{/t}:
-
+
{include file="error_icon.tpl.html" field="title"}
|
@@ -111,7 +111,7 @@
|
- {$list[i].pre_title}
+ {$list[i].pre_title|escape:"html"}
|
{$list[i].pre_scheduled_date} |
{$list[i].pre_status} |
diff --git a/templates/manage/resolution.tpl.html b/templates/manage/resolution.tpl.html
index 614e64dbaf..d373b6a62e 100644
--- a/templates/manage/resolution.tpl.html
+++ b/templates/manage/resolution.tpl.html
@@ -57,7 +57,7 @@
{t}Title{/t}:
-
+
{include file="error_icon.tpl.html" field="title"}
|
@@ -101,7 +101,7 @@
|
{$list[i].res_rank} |
- {$list[i].res_title}
+ {$list[i].res_title|escape:"html"}
|
{sectionelse}
diff --git a/templates/manage/round_robin.tpl.html b/templates/manage/round_robin.tpl.html
index 49f7a83d97..1299471102 100644
--- a/templates/manage/round_robin.tpl.html
+++ b/templates/manage/round_robin.tpl.html
@@ -131,7 +131,7 @@
|
- {$list[i].prj_title}
+ {$list[i].prj_title|escape:"html"}
|
{$list[i].users|escape:"html"}
diff --git a/templates/manage/severities.tpl.html b/templates/manage/severities.tpl.html
index bd3e7197d6..c239ef0382 100644
--- a/templates/manage/severities.tpl.html
+++ b/templates/manage/severities.tpl.html
@@ -56,7 +56,7 @@
|
{t}Manage Severities{/t}
- ({t}Current Project{/t}: {$project.prj_title})
+ ({t}Current Project{/t}: {$project.prj_title|escape:"html"})
|
@@ -65,7 +65,7 @@
{t}Title{/t} *
-
+
{include file="error_icon.tpl.html" field="title"}
|
@@ -74,7 +74,7 @@
{t}Description{/t} *
-
+
{include file="error_icon.tpl.html" field="title"}
|
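Review bot: In the Description row of this hunk the error icon is bound with `{include file="error_icon.tpl.html" field="title"}`, the same field name the Title row a few lines up uses, so a validation error on the description would presumably be shown beside the wrong input. This is a pre-existing context line rather than something the commit introduces, and the input tag itself was stripped from this view, so I cannot confirm the form field's name; if it is `description`, the include should read `{include file="error_icon.tpl.html" field="description"}`, as groups.tpl.html does for its description row.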
@@ -124,10 +124,10 @@
{rank_icon href="{$core.rel_url}manage/severities.php?cat=change_rank&id={$list[i].sev_id}&prj_id={$project.prj_id}&rank=asc" direction="up"}
- {$list[i].sev_title}
+ {$list[i].sev_title|escape:"html"}
|
- {$list[i].sev_description}
+ {$list[i].sev_description|escape:"html"}
|
{sectionelse}
diff --git a/templates/manage/status_action_date.tpl.html b/templates/manage/status_action_date.tpl.html
index 80d06eeb1c..9cee84c9af 100644
--- a/templates/manage/status_action_date.tpl.html
+++ b/templates/manage/status_action_date.tpl.html
@@ -131,7 +131,7 @@
{section name="i" loop=$list}
|
- {$list[i].prj_title} |
+ {$list[i].prj_title|escape:"html"} |
{$list[i].sta_title|escape:"html"}
|
diff --git a/templates/manage/statuses.tpl.html b/templates/manage/statuses.tpl.html
index 2c0d7378a9..c3440318aa 100644
--- a/templates/manage/statuses.tpl.html
+++ b/templates/manage/statuses.tpl.html
@@ -166,7 +166,7 @@
{$list[i].sta_rank} |
{$list[i].sta_abbreviation} |
- {$list[i].sta_title}
+ {$list[i].sta_title|escape:"html"}
|
{$list[i].projects|escape:"html"}
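Review bot: `{$list[i].sta_abbreviation}` two lines above the fix is still rendered raw while `sta_title` next to it now gets `|escape:"html"`. If the abbreviation is free text entered on the status form rather than a generated value, which this hunk does not show, it needs the same treatment: `{$list[i].sta_abbreviation|escape:"html"} |`. `sta_rank` on the line before appears to be numeric and can stay as is.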
diff --git a/templates/manage/time_tracking.tpl.html b/templates/manage/time_tracking.tpl.html
index 7a8fb81c3f..4a57377235 100644
--- a/templates/manage/time_tracking.tpl.html
+++ b/templates/manage/time_tracking.tpl.html
@@ -57,7 +57,7 @@
{t}Title{/t}
|
-
+
{include file="error_icon.tpl.html" field="title"}
|
@@ -91,7 +91,7 @@
|
- {$list[i].ttc_title}
+ {$list[i].ttc_title|escape:"html"}
|
{sectionelse}
diff --git a/templates/manage/users_form.tpl.html b/templates/manage/users_form.tpl.html
index acc0eb8e05..8b6953c1ee 100644
--- a/templates/manage/users_form.tpl.html
+++ b/templates/manage/users_form.tpl.html
@@ -149,7 +149,7 @@
{foreach from=$project_list key=prj_id item=prj_name}
- {$prj_name}: |
+ {$prj_name|escape:"html"}: |
{if $info.roles.$prj_id.pru_role|default:'' == $core.roles.customer}
{t}Customer{/t}
diff --git a/templates/manage/users_list.tpl.html b/templates/manage/users_list.tpl.html
index ca09ceb4ce..43de1684dd 100644
--- a/templates/manage/users_list.tpl.html
+++ b/templates/manage/users_list.tpl.html
@@ -133,11 +133,11 @@
|
{$list[i].usr_full_name|default:$list[i].usr_email}
+ title="{t}update this entry{/t}">{$list[i].usr_full_name|default:$list[i].usr_email|escape:"html"}
|
{foreach from=$list[i].roles item=role_data}
- {$role_data.prj_title}: {$role_data.role}
+ {$role_data.prj_title|escape:"html"}: {$role_data.role}
{/foreach}
|
diff --git a/templates/phone_support.tpl.html b/templates/phone_support.tpl.html
index 0d48c373f5..ae3dfd1d9e 100644
--- a/templates/phone_support.tpl.html
+++ b/templates/phone_support.tpl.html
@@ -59,8 +59,8 @@
{$phone_entries[i].phs_call_from_lname}, {$phone_entries[i].phs_call_from_fname} |
{$phone_entries[i].phs_call_to_lname}, {$phone_entries[i].phs_call_to_fname} |
{$phone_entries[i].phs_type|capitalize} |
- {$phone_entries[i].phc_title} |
- {$phone_entries[i].phs_phone_number} ({$phone_entries[i].phs_phone_type}) |
+ {$phone_entries[i].phc_title|escape:"html"} |
+ {$phone_entries[i].phs_phone_number|escape:"html"} ({$phone_entries[i].phs_phone_type}) |
{include file="expandable_cell/body.tpl.html" ec_id="phone" list_id=$phone_entries[i].phs_id colspan="9" class=$row_class}
{sectionelse}
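Review bot: The new line escapes `phs_phone_number` but leaves `{$phone_entries[i].phs_phone_type}` on the same line raw, and the caller and callee names on the first two context lines (`phs_call_from_lname`, `phs_call_from_fname`, `phs_call_to_lname`, `phs_call_to_fname`) are also emitted without a modifier. The names are the most obviously free-text values on the row; the phone type may come from a fixed list, which is not visible here. The from-line should read `{$phone_entries[i].phs_call_from_lname|escape:"html"}, {$phone_entries[i].phs_call_from_fname|escape:"html"} |`, and likewise for the call_to pair.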
diff --git a/templates/reports/category_statuses.tpl.html b/templates/reports/category_statuses.tpl.html
index 882650532a..bbb05ee010 100644
--- a/templates/reports/category_statuses.tpl.html
+++ b/templates/reports/category_statuses.tpl.html
@@ -7,12 +7,12 @@
{t}Category{/t} |
{foreach from=$statuses item=status}
- {$status} |
+ {$status|escape:"html"} |
{/foreach}
{foreach from=$data item=row}
- {$row.title} |
+ {$row.title|escape:"html"} |
{foreach from=$row.statuses item=col}
{$col.count} |
{/foreach}
diff --git a/templates/reports/custom_fields.tpl.html b/templates/reports/custom_fields.tpl.html
index de4fcf011e..f1451f5fd5 100644
--- a/templates/reports/custom_fields.tpl.html
+++ b/templates/reports/custom_fields.tpl.html
@@ -196,7 +196,7 @@
{else}
{t}Issue ID{/t} |
{t}Summary{/t} |
- {$field_info.fld_title} |
+ {$field_info.fld_title|escape:"html"} |
{/if}
{foreach from=$data item=row}
diff --git a/templates/reports/custom_fields_weekly.tpl.html b/templates/reports/custom_fields_weekly.tpl.html
index 371db76f23..c8e338d9f6 100644
--- a/templates/reports/custom_fields_weekly.tpl.html
+++ b/templates/reports/custom_fields_weekly.tpl.html
@@ -176,7 +176,7 @@
{t}Issue ID{/t} |
{t}Summary{/t} |
{t}Time Spent{/t} |
- {$field_info.fld_title} |
+ {$field_info.fld_title|escape:"html"} |
{if $per_user}
{t}User{/t} |
{/if}
diff --git a/templates/reports/estimated_dev_time.tpl.html b/templates/reports/estimated_dev_time.tpl.html
index 9367ff04b1..0f3aa1b939 100644
--- a/templates/reports/estimated_dev_time.tpl.html
+++ b/templates/reports/estimated_dev_time.tpl.html
@@ -3,7 +3,7 @@
{block "report_content"}
{t}Estimated Development Time by Category{/t}
-
{t escape=no 1=$core.project_name}Based on all open issue in Eventum for %1.{/t}
+{t escape=no 1=$core.project_name|escape:"html"}Based on all open issue in Eventum for %1.{/t}
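Review bot: The translation block keeps `escape=no`, so it stays safe only as long as every substituted parameter is escaped explicitly, as `1=$core.project_name|escape:"html"` now does; a later second parameter would be rendered raw by default. A comment on the line above would prevent that regression, e.g. `{* escape=no: the message itself is trusted, so every %n parameter must carry |escape *}`. Whether `escape=no` is still needed at all depends on the message text containing markup, which this hunk does not show.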
@@ -16,7 +16,7 @@ {t}Estimated Development Time by Category{/t}
{section name="issues" loop=$data}
- {$data[issues].prc_title} |
+ {$data[issues].prc_title|escape:"html"} |
{$data[issues].dev_time} |
{/section}
diff --git a/templates/select_project.tpl.html b/templates/select_project.tpl.html
index bb935459f9..9a9fdb3210 100644
--- a/templates/select_project.tpl.html
+++ b/templates/select_project.tpl.html
@@ -40,7 +40,7 @@
{if $project@first}checked="checked"{/if}>
-
+
|
{/foreach}
diff --git a/templates/time_tracking.tpl.html b/templates/time_tracking.tpl.html
index 7ad98bd0c6..4587115786 100644
--- a/templates/time_tracking.tpl.html
+++ b/templates/time_tracking.tpl.html
@@ -26,7 +26,7 @@
{if $core.user.usr_id == $time_entries[i].ttr_usr_id}[ {t}delete{/t} ]{/if}
{$time_entries[i].formatted_time} |
- {$time_entries[i].ttc_title} |
+ {$time_entries[i].ttc_title|escape:"html"} |
{if $time_entries[i].ttr_usr_id == $core.current_user_id or $core.current_role >= $core.roles.manager}
{assign var="edit_entry" value=true}
diff --git a/templates/view_form.tpl.html b/templates/view_form.tpl.html
index cc1a51d8c1..50605c0692 100644
--- a/templates/view_form.tpl.html
+++ b/templates/view_form.tpl.html
@@ -76,7 +76,7 @@
{/if}
{elseif $row.field|default:'' == 'product'}
{if $issue.products|@count > 0}
- {$issue.products[0].product}
+ {$issue.products[0].product|escape:"html"}
{$issue.products[0].version}
{/if}
{elseif $row.field == 'customer_0'}
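Review bot: `{$issue.products[0].version}` directly below the fix is still rendered raw while the product name beside it now gets `|escape:"html"`. Both appear to come from the same admin-managed product record, so unless the version is validated to a restricted format elsewhere, the line should read `{$issue.products[0].version|escape:"html"}`. The enclosing `{elseif}` chain continues outside the hunk.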
@@ -114,7 +114,7 @@
{elseif $row.field|default:'' == 'associated_issues'}
{section name="i" loop=$issue.associated_issues_details}
{strip}
- #{$issue.associated_issues_details[i].associated_issue}
+ #{$issue.associated_issues_details[i].associated_issue}
{if not $smarty.section.i.last},{/if}
{/strip}
{sectionelse}
|