From fb3056a21d439135480ee299bf1ab646867b5f4f Mon Sep 17 00:00:00 2001
From: Christian F
Date: Mon, 17 Apr 2023 16:35:23 +0200
Subject: [PATCH] [Security] Fixed XSS in class editor using date fields (#14930)

* fixed xss in datetime data field
* fixed xss in date data field
* changed `!==` to `!=`
---
 .../public/js/pimcore/object/classes/data/date.js | 9 ++++++++-
 .../public/js/pimcore/object/classes/data/datetime.js | 10 ++++------
 2 files changed, 12 insertions(+), 7 deletions(-)
diff --git a/bundles/AdminBundle/Resources/public/js/pimcore/object/classes/data/date.js b/bundles/AdminBundle/Resources/public/js/pimcore/object/classes/data/date.js
index 2d293774285..5caa12d02e9 100644
--- a/bundles/AdminBundle/Resources/public/js/pimcore/object/classes/data/date.js
+++ b/bundles/AdminBundle/Resources/public/js/pimcore/object/classes/data/date.js
@@ -69,7 +69,14 @@ pimcore.object.classes.data.date = Class.create(pimcore.object.classes.data.data
             name: "defaultValue",
             cls: "object_field",
             width: 300,
-            disabled: datax.useCurrentDate
+            disabled: datax.useCurrentDate,
+            listeners: {
+                change: function (defaultDateField, newValue, oldValue) {
+                    if(typeof this.getValue() != 'object') {
+                        this.setValue(null);
+                    }
+                }
+            }
         };
 
         if (datax.defaultValue) {
diff --git a/bundles/AdminBundle/Resources/public/js/pimcore/object/classes/data/datetime.js b/bundles/AdminBundle/Resources/public/js/pimcore/object/classes/data/datetime.js
index 0f465c70f3a..e2e7df2d1ac 100644
--- a/bundles/AdminBundle/Resources/public/js/pimcore/object/classes/data/datetime.js
+++ b/bundles/AdminBundle/Resources/public/js/pimcore/object/classes/data/datetime.js
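Review bot: The `change` listener added to the `defaultValue` field in date.js discards non-Date input only in the browser, so the server-side code that stores `defaultValue` and later renders it in the class editor still has to validate it as a numeric timestamp (or escape it on output) for this to fully close the XSS; the same holds for the `datefield.setValue(null)` reset in datetime.js's `setDefaultValue`, and whether that server-side validation already exists is not visible in this patch. The listener ignores its `defaultDateField` argument and relies on the default listener scope for `this`; using the argument keeps it correct if a `scope` is ever configured: `if (typeof defaultDateField.getValue() != 'object') { defaultDateField.setValue(null); }`. `setValue(null)` fires a second `change` that passes the check because `typeof null` is `'object'`, so the reset does not recurse. If, as it appears, an unparseable entry leaves the raw string as the field's value, a short comment such as `// unparseable input leaves a raw string in the field; discard it so only a Date (or null) is ever persisted` would record why the check exists.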
@@ -176,20 +176,18 @@ pimcore.object.classes.data.datetime = Class.create(pimcore.object.classes.data.
     },
     setDefaultValue:function (defaultValue, datefield, timefield) {
-
-        if (datefield.getValue()) {
+        if(datefield.getValue() && typeof datefield.getValue() === 'object') {
             var dateString = Ext.Date.format(datefield.getValue(), "Y-m-d");
             if (timefield.getValue()) {
                 dateString += " " + Ext.Date.format(timefield.getValue(), "H:i");
-            }
-            else {
+            } else {
                 dateString += " 00:00";
             }
-            defaultValue.setValue((Ext.Date.parseDate(dateString, "Y-m-d H:i").getTime())/1000);
-
+            defaultValue.setValue((Ext.Date.parseDate(dateString, "Y-m-d H:i").getTime()) / 1000);
         } else {
+            datefield.setValue(null);
             defaultValue.setValue(null);
         }
     },