Projects
Eulaceura:Factory
ganglia
_service:obs_scm:CVE-2019-20378_CVE-2019-20379....
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:obs_scm:CVE-2019-20378_CVE-2019-20379.patch of Package ganglia
From ab909037aa30bc200d467eecb1c189565604ba6a Mon Sep 17 00:00:00 2001 From: Adam Tygart <adam.tygart@gmail.com> Date: Fri, 28 Feb 2020 10:17:20 -0600 Subject: [PATCH] Fix XSS from OBB-1005024 --- graph_all_periods.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/graph_all_periods.php b/graph_all_periods.php index 4e90ccba..9185d646 100644 --- a/graph_all_periods.php +++ b/graph_all_periods.php @@ -10,12 +10,12 @@ $data->assign("refresh", $conf['default_refresh']); $data->assign("conf", $conf); $data->assign("embed", - isset($_REQUEST['embed']) ? $_REQUEST['embed'] : NULL); + isset($_REQUEST['embed']) ? sanitize($_REQUEST['embed']) : NULL); $data->assign("mobile", - isset($_REQUEST['mobile']) ? $_REQUEST['mobile'] : NULL); -$data->assign("h", isset($_GET['h']) ? $_GET['h'] : NULL); -$data->assign("g", isset($_GET['g']) ? $_GET['g'] : NULL); -$data->assign("m", isset($_GET['m']) ? $_GET['m'] : NULL); + isset($_REQUEST['mobile']) ? sanitize($_REQUEST['mobile']) : NULL); +$data->assign("h", isset($_GET['h']) ? sanitize($_GET['h']) : NULL); +$data->assign("g", isset($_GET['g']) ? sanitize($_GET['g']) : NULL); +$data->assign("m", isset($_GET['m']) ? sanitize($_GET['m']) : NULL); $data->assign("html_g", isset($_GET['g']) ? htmlspecialchars($_GET['g']) : NULL); $data->assign("html_m",
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2