Index: branches/2.8.x/CHANGELOG
===================================================================
--- branches/2.8.x/CHANGELOG	(revision 1404)
+++ branches/2.8.x/CHANGELOG	(revision 1405)
@@ -11,6 +11,8 @@
 ! = Update/Change
 
 ------------------------------------- 2.8.2 -------------------------------------
+22 Jan-2011 Build 1405 Frank Heyne (FrankH)
+# Security fix (XSS) in form module, thanks to Michael Schwarz 
 22 Jan-2011 Build 1404 Dietmar Woellbrink (Luisehahne)
 # Security fix in pages 
 22 Jan-2011 Build 1403 Dietmar Woellbrink (Luisehahne)
@@ -19,7 +21,7 @@
 ! secure peparing and beginning fix admin/pages
 21 Jan-2011 Build 1401 Frank Heyne (FrankH)
 ! fixed changelog
-#21 Jan-2011 Build 1400 Frank Heyne (FrankH)
+21 Jan-2011 Build 1400 Frank Heyne (FrankH)
 # Security fix in account 
 # Security fix in admin/media, thanks to hal 9000
 21 Jan-2011 Build 1399 Dietmar Woellbrink (Luisehahne)
Index: branches/2.8.x/wb/admin/interface/version.php
===================================================================
--- branches/2.8.x/wb/admin/interface/version.php	(revision 1404)
+++ branches/2.8.x/wb/admin/interface/version.php	(revision 1405)
@@ -52,6 +52,6 @@
 
 // check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)
 if(!defined('VERSION')) define('VERSION', '2.8.2.RC5');
-if(!defined('REVISION')) define('REVISION', '1404');
+if(!defined('REVISION')) define('REVISION', '1405');
 
 ?>
Index: branches/2.8.x/wb/admin/preferences/save.php
===================================================================
--- branches/2.8.x/wb/admin/preferences/save.php	(revision 1404)
+++ branches/2.8.x/wb/admin/preferences/save.php	(revision 1405)
@@ -30,7 +30,7 @@
 	$err_msg = array();
 	$min_pass_length = 6;
 // first check form-tan
-	if(!$admin->checkFTAN()){ $err_msg[] = $MESSAGE['PAGES']['NOT_SAVED']; }
+	if(!$admin->checkFTAN()){ $err_msg[] = $MESSAGE['GENERIC_SECURITY_ACCESS']; }
 // Get entered values and validate all
 	// remove any dangerouse chars from display_name
 	$display_name     = $admin->add_slashes(strip_tags(trim($admin->get_post('display_name'))));
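Review bot: The new `$MESSAGE['GENERIC_SECURITY_ACCESS']` key on the changed line has to exist in every language file the admin area can load; if it is missing in one of them, the lookup yields a notice and pushes `null` into `$err_msg`, so the failed form-TAN check is recorded as an empty error text (I cannot see the language files from this hunk, so treat that as something to confirm). A defensive form is `$err_msg[] = $MESSAGE['GENERIC_SECURITY_ACCESS'] ?? $MESSAGE['PAGES']['NOT_SAVED'];` where the PHP version allows `??`, or an `isset()` check with the old key as fallback otherwise. The surrounding save logic, including how `$err_msg` aborts the save, starts and ends outside this hunk.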
Index: branches/2.8.x/wb/modules/form/view.php
===================================================================
--- branches/2.8.x/wb/modules/form/view.php	(revision 1404)
+++ branches/2.8.x/wb/modules/form/view.php	(revision 1405)
@@ -430,7 +430,7 @@
 					} else {
 						$submitted_by = 0;
 					}
-					$email_body = $wb->add_slashes($email_body);
+					$email_body = htmlspecialchars($wb->add_slashes($email_body));
 					$database->query("INSERT INTO ".TABLE_PREFIX."mod_form_submissions (page_id,section_id,submitted_when,submitted_by,body) VALUES ('".PAGE_ID."','$section_id','".time()."','$submitted_by','$email_body')");
 					// Make sure submissions table isn't too full
 					$query_submissions = $database->query("SELECT submission_id FROM ".TABLE_PREFIX."mod_form_submissions ORDER BY submitted_when");
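Review bot: On the changed line `htmlspecialchars()` is applied after `$wb->add_slashes()`, and with default flags it does not encode single quotes, so the body stored in `mod_form_submissions` still carries raw `'` characters (only `"`, `<`, `>` and `&` are entity-encoded); if the submission is later rendered inside a single-quoted attribute or in a non-HTML context, the fix covers only part of the XSS surface. Encoding the HTML first and SQL-escaping the encoded result also keeps the two escaping layers from interacting: `$email_body = $wb->add_slashes(htmlspecialchars($email_body, ENT_QUOTES, 'UTF-8'));` (use the site's configured charset instead of the literal if it is not UTF-8). Note that escaping at storage time means the display code must not run `htmlspecialchars()` again on this column, or entities will be double-encoded — I cannot see the output path from here, so confirm it. The enclosing function or script block starts and ends outside this hunk, and the `INSERT` on the following context line still interpolates `$section_id` and `$submitted_by` into the SQL string, which this commit does not change.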
