Fix stored XSS security issue: decode HTML entities from URL
francoisjacquet committed May 1, 2022
1 parent d219015 commit ba96fa4
Showing 2 changed files with 5 additions and 1 deletion.
1 change: 1 addition & 0 deletions CHANGES.md
Expand Up @@ -67,6 +67,7 @@ Changes in 9.0
- Sanitize / escape URL as THEME is often included for button img src attribute in User.fnc.php
- Better format for "Add another marking period" form in EditReportCardGrades.php
- Fix Improper Access Control security issue: add random string to photo file name in TipMessage.fnc.php, Transcripts.fnc.php, PrintClassPictures.php, Student.php, User.php & General_Info.inc.php, thanks to @dungtuanha
- Fix stored XSS security issue: decode HTML entities from URL in PreparePHP_SELF.fnc.php, thanks to @khanhchauminh

Changes in 8.9.5
----------------
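Review bot: the new CHANGES.md entry names the file but not the behavioural change callers will see, namely that `URLEscape()` now runs `html_entity_decode()` on its input before URL-encoding it. Any caller that deliberately passed an already HTML-escaped value (for example a literal `&amp;` that was meant to survive as five characters) will now get the decoded form. One clause such as "URLEscape() now decodes HTML entities before encoding" would let integrators spot that change when upgrading.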
5 changes: 4 additions & 1 deletion functions/PreparePHP_SELF.fnc.php
Expand Up @@ -173,6 +173,9 @@ function RedirectURL( $remove )
*/
function URLEscape( $string )
{
// Fix stored XSS security issue: decode HTML entities from URL.
$decoded_string = html_entity_decode( $string );

$entities = [
'%21',
'%2A',
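Review bot: `html_entity_decode( $string )` is called with the default flags, which on PHP versions before 8.1 are `ENT_COMPAT | ENT_HTML401` and therefore leave single-quote entities (`&#039;`, `&apos;`) undecoded; only double quotes and the named HTML 4.01 entities are handled. Since the purpose of this line is to normalise entity-encoded payloads before the string is URL-encoded, consider passing the flags and charset explicitly, e.g. `html_entity_decode( (string) $string, ENT_QUOTES | ENT_HTML5, 'UTF-8' )`, so behaviour does not depend on the PHP version and a null `$string` is cast before the call (passing null to `html_entity_decode()` is deprecated in PHP 8.1). The docblock closed by the `*/` above this hunk should also mention that entities are decoded, since that is now part of the function's contract.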
Expand Down Expand Up @@ -223,7 +226,7 @@ function URLEscape( $string )
return str_replace(
$entities,
$replacements,
rawurlencode( (string) $string )
rawurlencode( (string) $decoded_string )
);
}

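Review bot: the `(string)` cast on `$decoded_string` is now redundant, because `html_entity_decode()` always returns a string; the cast was only useful on the raw `$string` (which may be null or an integer) and would be better moved to the `html_entity_decode()` argument in the hunk above. Also worth noting in a comment: `html_entity_decode()` decodes one level only, so a doubly entity-encoded input such as `&amp;lt;` becomes `&lt;` and is then percent-encoded as-is. That is acceptable as long as nothing downstream decodes the URL a second time, but it is the kind of assumption a later reader will want stated next to the fix.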

0 comments on commit ba96fa4
