From: Frédéric Buclin
Date: Tue, 13 Nov 2012 17:11:32 +0000 (+0100)
Subject: Bug 731178 (CVE-2012-4199): [SECURITY] field-events.js.tmpl discloses product and...
X-Git-Tag: bugzilla-3.6.12~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4f5274a7f9e87452ef8839f75c488e9316a3ef06;p=thirdparty%2Fbugzilla.git

Bug 731178 (CVE-2012-4199): [SECURITY] field-events.js.tmpl discloses product and component names that the user is not allowed to see r=dkl a=LpSolit
---

diff --git a/template/en/default/bug/field-events.js.tmpl b/template/en/default/bug/field-events.js.tmpl
index 06fba12450..80e6799f10 100644
--- a/template/en/default/bug/field-events.js.tmpl
+++ b/template/en/default/bug/field-events.js.tmpl
@@ -19,12 +19,17 @@
 [%# INTERFACE:
   # field: a Bugzilla::Field object
+  # product: (optional) a Bugzilla::Product object.
   #%]
 
 [% FOREACH controlled_field = field.controls_visibility_of %]
+  [% vis_value = controlled_field.visibility_value %]
+  [% NEXT IF field.name == "product"
+             && vis_value.id != product.id
+             && !user.can_enter_product(vis_value) %]
+
   showFieldWhen('[% controlled_field.name FILTER js %]',
-                '[% field.name FILTER js %]',
-                '[% controlled_field.visibility_value.name FILTER js %]');
+                '[% field.name FILTER js %]', '[% vis_value.name FILTER js %]');
 [% END %]
 
 [% FOREACH legal_value = field.legal_values %]
   [% FOREACH controlled_field = legal_value.controlled_values.keys %]
diff --git a/template/en/default/bug/field.html.tmpl b/template/en/default/bug/field.html.tmpl
index bb678d79df..d775d1f4ea 100644
--- a/template/en/default/bug/field.html.tmpl
+++ b/template/en/default/bug/field.html.tmpl
@@ -171,7 +171,7 @@
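Review bot: The new `NEXT IF` guard in the first FOREACH of field-events.js.tmpl only filters when `field.name == "product"`, so a field whose visibility is keyed on the component field would still get the controlling component's name written into the page by the same `showFieldWhen` call, even though the commit title names both product and component as leaked. If this version allows component as a visibility field and the field.html.tmpl hunk (cut off in this view) does not handle it, the loop needs a parallel branch along the lines of `|| (field.name == "component" && vis_value.product.id != product.id && !user.can_enter_product(vis_value.product))` — this is inferred from the title, not from visible lines, so please confirm. The interface comment also does not say what `product` is for; I would extend it to `# product: (optional) a Bugzilla::Product object; visibility values belonging to other products the user cannot enter are skipped so their names never reach the generated JS (product.id is empty when omitted, so every non-enterable product is then skipped).` The following FOREACH over `field.legal_values` starts in the hunk but its body runs past it, so whether product legal values receive the same treatment cannot be checked here.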