
[PATCH] Fix XSS vulnerabilities in madison.php



Hi,

I have attached a patch that fixes some cross-site scripting vulnerabilities
in http://qa.debian.org/madison.php.


Regards,

-- 
Chris Lamb, UK                                       chris@chris-lamb.co.uk
                                                            GPG: 0x634F9A20
Index: wml/madison.wml
===================================================================
--- wml/madison.wml	(revision 1876)
+++ wml/madison.wml	(working copy)
@@ -101,7 +101,7 @@
 
 <p>
 <form action="madison.php" method="get">
-<input type="text" name="package" value="<? print $package ?>">
+<input type="text" name="package" value="<? print htmlentities($package) ?>">
 <input type="submit" value="Query">
 <br>
 <small> Show:
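Review bot: on the `value="<? print htmlentities($package) ?>"` line, htmlentities() runs with its default flags and charset. The defaults encode double quotes, which is enough here because the attribute is double-quoted, but on PHP before 8.1 they leave single quotes alone, so the same call would be unsafe in a single-quoted attribute, and on PHP before 5.4 the default charset is ISO-8859-1 rather than UTF-8. Suggest `htmlspecialchars($package, ENT_QUOTES, 'UTF-8')` (or htmlentities() with the same explicit arguments) so the escaping does not depend on which quote style a later edit to the form uses.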
@@ -110,12 +110,12 @@
 </small><br>
 <span id="config" style="display:<? print $opt ? "block" : "none" ?>">
 <table border="0">
-<tr><td>architecture</td><td><input type="text" name="a" value="<? print $_GET['a'] ?>"></td></tr>
-<tr><td>binary-type</td><td><input type="text" name="b" value="<? print $_GET['b'] ?>"></td></tr>
-<tr><td>component</td><td><input type="text" name="c" value="<? print $_GET['c'] ?>"></td></tr>
+<tr><td>architecture</td><td><input type="text" name="a" value="<? print htmlentities($_GET['a']) ?>"></td></tr>
+<tr><td>binary-type</td><td><input type="text" name="b" value="<? print htmlentities($_GET['b']) ?>"></td></tr>
+<tr><td>component</td><td><input type="text" name="c" value="<? print htmlentities($_GET['c']) ?>"></td></tr>
 <tr><td>greaterorequal</td><td><input type="checkbox" name="g"<? if (isset($_GET['g'])) print " checked" ?>></td></tr>
 <tr><td>greaterthan</td><td><input type="checkbox" name="G"<? if (isset($_GET['G'])) print " checked" ?>></td></tr>
-<tr><td>suite</td><td><input type="text" name="s" value="<? print $_GET['s'] ?>"></td></tr>
+<tr><td>suite</td><td><input type="text" name="s" value="<? print htmlentities($_GET['s']) ?>"></td></tr>
 <tr><td>source-and-binary</td><td><input type="checkbox" name="S"<? if (isset($_GET['S'])) print " checked" ?>></td></tr>
 <tr><td>text-only</td><td><input type="checkbox" name="text"> with time <input type="checkbox" name="t"<? if (isset($_GET['t'])) print " checked" ?>></td></tr>
 </table>
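Review bot: the four changed lines read `$_GET['a']`, `$_GET['b']`, `$_GET['c']` and `$_GET['s']` without an isset() check, so loading the form without a query string raises an E_NOTICE per field before htmlentities() is handed null and prints an empty string. Suggest `htmlentities(isset($_GET['s']) ? $_GET['s'] : '')` on each line, or a small helper that does the isset() handling and the escaping in one place and is used on all four fields and on `$package` above. The unchanged checkbox lines only print a fixed `checked` token and need no escaping.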

Attachment: signature.asc
Description: PGP signature
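As an added example, not part of Chris's patch or of the qa.debian.org madison.php code, the PHP below shows the reflected-XSS pattern the patch addresses in a form field's value attribute, with the raw interpolation beside an encoded version. It also shows the quote-flag caveat: with ENT_COMPAT (the default on PHP before 8.1) a single quote passes through unchanged, so an attribute delimited by single quotes stays injectable unless ENT_QUOTES is used. The `$payload` strings and the `$get` array are constructed stand-ins for real `$_GET` input, and `esc()`, `render_vulnerable()`, `render_hardened()` and `render_single_quoted()` are hypothetical helpers written for this example.

```php
<?php
// Added example, not code from madison.php. Constructed attacker inputs:
// the first closes a double-quoted attribute, the second a single-quoted one.
$payload_dq = '"><script>alert(1)</script>';
$payload_sq = "' onmouseover='alert(2)";

// Simulated request parameters; in madison.php these come from $_GET.
$get = ['package' => $payload_dq];

// Vulnerable: raw request value interpolated into a double-quoted attribute,
// which is what the unpatched madison.wml did.
function render_vulnerable(array $get): string
{
    return '<input type="text" name="package" value="' . $get['package'] . '">';
}

// Encoder for HTML attribute context. ENT_QUOTES escapes both " and ' so the
// same helper is safe in single-quoted attributes; ENT_SUBSTITUTE replaces
// invalid byte sequences instead of returning an empty string; the explicit
// charset avoids the ISO-8859-1 default of older PHP releases.
function esc(?string $s): string
{
    return htmlspecialchars($s ?? '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hardened: encoded value, and a missing parameter renders as an empty
// string instead of raising a notice.
function render_hardened(array $get): string
{
    return '<input type="text" name="package" value="' . esc($get['package'] ?? null) . '">';
}

// Single-quoted attribute rendered with either ENT_COMPAT (old default,
// leaves ' alone) or ENT_QUOTES. Only the latter keeps the payload inside
// the attribute value.
function render_single_quoted(string $v, bool $ent_quotes): string
{
    $flags = $ent_quotes ? ENT_QUOTES : ENT_COMPAT;
    return "<input type='text' name='s' value='" . htmlspecialchars($v, $flags, 'UTF-8') . "'>";
}

// Crude check used below: does the rendered markup still contain an
// unencoded attribute delimiter from the payload?
function attribute_broken_out(string $html, string $delim): bool
{
    // Strip the two delimiters that legitimately wrap the value and see
    // whether any delimiter from the payload survives.
    $inner = preg_replace('/^.*value=' . $delim . '/', '', $html);
    $inner = preg_replace('/' . $delim . '>$/', '', $inner);
    return strpos($inner, $delim) !== false;
}

echo render_vulnerable($get), PHP_EOL;
echo render_hardened($get), PHP_EOL;
echo render_single_quoted($payload_sq, false), PHP_EOL;
echo render_single_quoted($payload_sq, true), PHP_EOL;

var_dump(attribute_broken_out(render_vulnerable($get), '"'));          // raw: broken out
var_dump(attribute_broken_out(render_hardened($get), '"'));            // encoded: contained
var_dump(attribute_broken_out(render_single_quoted($payload_sq, false), "'")); // ENT_COMPAT: broken out
var_dump(attribute_broken_out(render_single_quoted($payload_sq, true), "'"));  // ENT_QUOTES: contained
```

Run it with `php example.php`. The point of `render_single_quoted()` is that the fix in the patch is correct for the double-quoted attributes it touches, but an escaping helper that is reused elsewhere should pass ENT_QUOTES explicitly rather than rely on the PHP version's default flags.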