PHP :: Bug #56012 :: SECURITY: critical - bug system does not escape HTML in titles

Bug #56012	SECURITY: critical - bug system does not escape HTML in titles
Submitted:	2004-03-22 09:36 UTC	Modified:	2004-03-23 02:24 UTC
From:	alan at akbkhome dot com	Assigned:	mj (profile)
Status:	Closed	Package:	PECL bug system (PECL)
PHP Version:	4.3.4	OS:	na
Private report:	No	CVE-ID:	None

View Developer Edit

[2004-03-22 09:36 UTC] alan at akbkhome dot com

Description:
------------
submitting a bug to HTML_javascript produces a search result with a bug on Flexy that as <textarea> in the title..

- this appears as a text area..

- we are suceptable to cross site scripting!!!!!!!

** need to htmlspecialchars title !

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2004-03-22 20:34 UTC] danielc at analysisandsolutions dot com

The only place I found in bugs that presents the sdesc field unescaped is on line 87 of report.php, where $row['sdesc'] should be htmlspecialchars($row['sdesc']).

This section of code gets presented to the submittor once they initially submit a bug report and bugs are found that appear similar to the one they're trying to submit.

Is this where you saw the problem?

[2004-03-23 01:23 UTC] alan at akbkhome dot com

yeap - thats the one

[2004-03-23 02:24 UTC] mj@php.net

This bug has been fixed in CVS.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pear.php.net.

In case this was a pear.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PEAR better.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Tue May 13 14:01:28 2025 UTC