Fix XSS in repo_manage_page.php and list.php

Vulnerability on repo_manage_page.php was introduced in v2.0.0-beta.2 (commit 79497dd). The one on list.php existed since the initial version of the page. Fixes #286
mantisbt-plugins · Sep 1, 2018 · c216ab2 · c216ab2
2 parents 8878a45 + 9e89752
commit c216ab2
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/Source/pages/list.php b/Source/pages/list.php
@@ -28,7 +28,7 @@
 	<div class="widget-box widget-color-blue2">
 		<div class="widget-header widget-header-small">
 			<h4 class="widget-title lighter">
-				<?php echo plugin_lang_get( 'changesets' ), ': ', $t_repo->name ?>
+				<?php echo plugin_lang_get( 'changesets' ), ': ', string_display_line( $t_repo->name ) ?>
 			</h4>
 		</div>
 
@@ -48,7 +48,7 @@
 								</a>
 							<?php
 							if( $t_url = $t_vcs->url_repo( $t_repo ) ) { ?>
-								<a class="btn btn-xs btn-primary btn-white btn-round" href="<?php echo $t_url ?>">
+								<a class="btn btn-xs btn-primary btn-white btn-round" href="<?php echo string_display_line( $t_url ) ?>">
 									<?php echo plugin_lang_get( 'browse' ) ?>
 								</a>
 							<?php } ?>

diff --git a/Source/pages/repo_manage_page.php b/Source/pages/repo_manage_page.php
@@ -123,7 +123,7 @@ function convert_to_key_value( $p_array ) {
 		?>
 		<tr>
 			<td class="category"><?php echo plugin_lang_get_defaulted( $t_key, $t_key, $t_vcs->basename ) ?></td>
-			<td><?php echo is_bool( $t_value ) ? trans_bool( $t_value ) : $t_value ?></td>
+			<td><?php echo is_bool( $t_value ) ? trans_bool( $t_value ) : string_display_line( $t_value )?></td>
 		</tr>
 		<?php } ?>
 	</table>