Posted to commits@jspwiki.apache.org by br...@apache.org on 2022/11/24 09:25:13 UTC

[jspwiki] 07/08: XSS vulnerability reported by Eugene Lim and Sng Jay Kai.

This is an automated email from the ASF dual-hosted git repository.

brushed pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/jspwiki.git

commit 75019d337f1d0033b1f65428e75f43baeffd99dd
Author: brushed <di...@gmail.com>
AuthorDate: Thu Nov 24 10:24:33 2022 +0100

    XSS vulnerability reported by Eugene Lim and Sng Jay Kai.
---
 jspwiki-war/src/main/webapp/templates/default/Header.jsp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/jspwiki-war/src/main/webapp/templates/default/Header.jsp b/jspwiki-war/src/main/webapp/templates/default/Header.jsp
index bf5f006a0..51fc9c608 100644
--- a/jspwiki-war/src/main/webapp/templates/default/Header.jsp
+++ b/jspwiki-war/src/main/webapp/templates/default/Header.jsp
@@ -55,10 +55,10 @@
 
         <c:choose>
           <c:when test="${not empty fn:substringBefore(param.page,'_blogentry_')}">
-            <wiki:Link>${fn:replace(fn:replace(param.page,'_blogentry_',' ['),'_','#')}]</wiki:Link>
+            <wiki:Link><c:out value="${fn:replace(fn:replace(param.page,'_blogentry_',' ['),'_','#')}"/>]</wiki:Link>
           </c:when>
           <c:when test="${not empty fn:substringBefore(param.page,'_comments_')}">
-            <wiki:Link>${fn:replace(fn:replace(param.page,'_comments_',' ['),'_','#')}]</wiki:Link>
+            <wiki:Link><c:out value="${fn:replace(fn:replace(param.page,'_comments_',' ['),'_','#')}"/>"]</wiki:Link>
           </c:when>
           <c:otherwise><a href="#top" tabindex="-1"><wiki:PageName /></a></c:otherwise>
         </c:choose>
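Review bot: The second added line (the `_comments_` branch) carries a stray double quote between the `<c:out .../>` and the closing bracket, `"/>"]`, so that link's rendered text ends in `"]` instead of the `]` produced by the `_blogentry_` branch one hunk line above; the line should read `<wiki:Link><c:out value="${fn:replace(fn:replace(param.page,'_comments_',' ['),'_','#')}"/>]</wiki:Link>`. Wrapping the expression in `<c:out>` is the right fix for the reported issue, since `escapeXml` defaults to true and the fragment derived from the `page` request parameter is now HTML-escaped before it is emitted into the link body, where previously the raw EL value was written out. The `<c:when test="...">` conditions only use `param.page` for the emptiness check and do not emit it, so they need no change. The enclosing JSP markup continues outside the hunk, so any other unescaped use of `param.page` in this template is not visible here and is worth checking separately.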