tags 435935 +patch +fixed-upstream tags 435936 +patch +fixed-upstream tags 435937 +patch tags
thanks Hi, Please find attached a quite trivial patch for this issue, extracted from the new upstream 2.5.4 release. Please apply, and mention the CVE id CVE-2007-4048 in the changelog when uploading. Thanks! Thijs
--- 3/includes/system_footer.php 2007-03-18 12:08:44.000000000 +0100
+++ 4/includes/system_footer.php 2007-08-19 20:55:38.000000000 +0200
@@ -29,7 +29,7 @@
if( ! $hide_picklist ) {
echo "<center>\n";
- $update_form = "<form method=\"POST\" action=\"" . $_SERVER['PHP_SELF'] . "\">\n" . "\t" . $text['template'] . ": \n" . "\t<select name=\"template\">\n";
+ $update_form = "<form method=\"POST\" action=\"" . htmlentities($_SERVER['PHP_SELF']) . "\">\n" . "\t" . $text['template'] . ": \n" . "\t<select name=\"template\">\n";
$resDir = opendir( APP_ROOT . '/templates/' );
while( false !== ( $strFile = readdir( $resDir ) ) ) {
pgpKlOdZr0JNo.pgp
Description: PGP signature
