From: lpsolit%gmail.com <>
Date: Mon, 5 May 2008 05:15:00 +0000 (+0000)
Subject: Bug 425665: [SECURITY] XSS in show_bug.cgi: id isn't filtered for format=multiple... 
X-Git-Tag: bugzilla-2.20.6~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f712e629242fb6590a25ae8958a192e76f6669f4;p=thirdparty%2Fbugzilla.git

Bug 425665: [SECURITY] XSS in show_bug.cgi: id isn't filtered for format=multiple - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat r=wurblzap a=LpSolit
---

diff --git a/template/en/default/bug/show-multiple.html.tmpl b/template/en/default/bug/show-multiple.html.tmpl
index c1eb27c75b..c403fe1e1d 100644
--- a/template/en/default/bug/show-multiple.html.tmpl
+++ b/template/en/default/bug/show-multiple.html.tmpl
@@ -48,7 +48,7 @@
 [% BLOCK bug_display %]
   <div align="center">
     <b>
-      <font size="+3">[% terms.Bug %] [%+ bug.bug_id %] - [% bug.short_desc FILTER html %]</font>
+      <font size="+3">[% terms.Bug %] [%+ bug.bug_id FILTER html %] - [% bug.short_desc FILTER html %]</font>
     </b>
   </div>
 
@@ -56,7 +56,7 @@
     <tr>
       <td>
         <b>[% terms.Bug %]#:</b>
-        <a href="show_bug.cgi?id=[% bug.bug_id %]">[% bug.bug_id %]</a>
+        <a href="show_bug.cgi?id=[% bug.bug_id FILTER html %]">[% bug.bug_id FILTER html %]</a>
         [% IF Param("usebugaliases") AND bug.alias %]  
           ([% bug.alias FILTER html %])
         [% END %]
diff --git a/template/en/default/filterexceptions.pl b/template/en/default/filterexceptions.pl
index ab0a752471..2b9ec1ee2d 100644
--- a/template/en/default/filterexceptions.pl
+++ b/template/en/default/filterexceptions.pl
@@ -349,7 +349,6 @@
 ],
 
 'bug/show-multiple.html.tmpl' => [
-  'bug.bug_id', 
   'bug.deadline',
 ],