Bug 367674: [SECURITY] XSS when reading Atom feeds due to unescaped HTML

Patch By Frédéric Buclin <LpSolit@gmail.com> r=bkor, a=mkanat

diff --git a/template/en/default/list/list.atom.tmpl b/template/en/default/list/list.atom.tmpl
index 5e15708110c79022ed070ae72a2f604ee98ba46d..d3ce0639171f7c7adfb453bed0984f3140d1d763 100644 (file)
--- a/template/en/default/list/list.atom.tmpl
+++ b/template/en/default/list/list.atom.tmpl
@@ -62,23 +62,23 @@
       <tr>
         <th>Field</th><th>Value</th>
       </tr><tr>
-        <td>[% columns.opendate.title FILTER none %]</td>
-        <td>[% bug.opendate FILTER none %]</td>
+        <td>[% columns.opendate.title FILTER html %]</td>
+        <td>[% bug.opendate FILTER html %]</td>
       </tr><tr>
-        <td>[% columns.assigned_to_realname.title FILTER none %]</td>
-        <td>[% bug.assigned_to_realname FILTER none %]</td>
+        <td>[% columns.assigned_to_realname.title FILTER html %]</td>
+        <td>[% bug.assigned_to_realname FILTER html %]</td>
       </tr><tr>
-        <td>[% columns.priority.title FILTER none %]</td>
-        <td>[% bug.priority FILTER none %]</td>
+        <td>[% columns.priority.title FILTER html %]</td>
+        <td>[% bug.priority FILTER html %]</td>
       </tr><tr>
-        <td>[% columns.bug_severity.title FILTER none %] </td>
-        <td>[% bug.bug_severity FILTER none %]</td>
+        <td>[% columns.bug_severity.title FILTER html %] </td>
+        <td>[% bug.bug_severity FILTER html %]</td>
       </tr><tr>
-        <td>[% columns.bug_status.title FILTER none %]</td>
-        <td>[% bug.bug_status FILTER none %]</td>
+        <td>[% columns.bug_status.title FILTER html %]</td>
+        <td>[% bug.bug_status FILTER html %]</td>
       </tr><tr>
-        <td>[% columns.changeddate.title FILTER none %]</td>
-        <td>[% bug.changeddate FILTER none -%]</td>
+        <td>[% columns.changeddate.title FILTER html %]</td>
+        <td>[% bug.changeddate FILTER html -%]</td>
       </tr>
       </table>
       [% END %]