More XSS fixes:
create-alias.php, edit-alias.php:
- fix XSS in error message

templates/admin_list-domain.php:
- fix XSS (by values stored in the database) in "description" field

templates/fetchmail.php:
- fix XSS (by values stored in the database) in any field

templates/list-virtual.php:
- fix XSS (by values stored in the database) in "name" field

+ CHANGELOG.TXT update

Again, thanks to Filippo Cavallarin for pointing out those issues.

git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1330 a1433add-5e2c-0410-b055-b7f2511e0802
This commit is contained in:
parent
d60276e864
commit
bf0892aa9c
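--- a/CHANGELOG.TXT
+++ b/CHANGELOG.TXT
@@ -21,6 +21,9 @@ SVN changes since 2.3.4 release (postfixadmin-2.3 branch)
 contain malicious SQL. Double-check before using them!
 - fix XSS with $_GET[domain] in templates/menu.php and edit-vacation
 - fix XSS in some create-domain input fields
+- fix XSS in create-alias and edit-alias error message
+- fix XSS (by values stored in the database) in fetchmail list view,
+list-domain and list-virtual
 - create-domain: fix SQL injection (only exploitable by superadmins)
 - add missing $LANG['pAdminDelete_admin_error']
 - don't mark mailbox targets with recipient delimiter as "forward only"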
@ -133,7 +133,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
|
|||||||
$error = 1;
|
$error = 1;
|
||||||
$tGoto = $goto;
|
$tGoto = $goto;
|
||||||
if (!empty($tMessage)) $tMessage .= "<br />";
|
if (!empty($tMessage)) $tMessage .= "<br />";
|
||||||
$tMessage .= $PALANG['pEdit_alias_goto_text_error2'] . "$address</span>";
|
$tMessage .= $PALANG['pEdit_alias_goto_text_error2'] . htmlentities($address) . "</span>";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
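Review bot: The new `htmlentities($address)` on the changed `$tMessage .=` line relies on PHP's default charset and ENT_COMPAT flags, so on PHP < 5.4 non-ASCII bytes in `$address` are entity-encoded as ISO-8859-1 (mojibake for UTF-8 input) and on 5.4+ an invalid UTF-8 sequence makes the call return an empty string, silently dropping the offending address from the error text. Prefer the explicit form `htmlentities($address, ENT_QUOTES, 'UTF-8')` (or whatever charset the pages are served in) so the result does not depend on the PHP version. The fix covers only this one interpolation; `$tMessage` is deliberately built as HTML from a trusted language string, so any other user-supplied value appended to it elsewhere needs the same escaping. The enclosing `if ($_SERVER['REQUEST_METHOD'] == "POST")` block starts and ends outside the hunk.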
@ -129,7 +129,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
|
|||||||
$error = 1;
|
$error = 1;
|
||||||
$tGoto = $goto;
|
$tGoto = $goto;
|
||||||
if (!empty($tMessage)) $tMessage .= "<br />";
|
if (!empty($tMessage)) $tMessage .= "<br />";
|
||||||
$tMessage .= $PALANG['pEdit_alias_goto_text_error2'] . "$address</span>";
|
$tMessage .= $PALANG['pEdit_alias_goto_text_error2'] . htmlentities($address) . "</span>";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
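Review bot: `$tGoto = $goto;` two lines above the fix hands the same user-submitted goto list back to the form unescaped, while only the copy that reaches the error message is now passed through `htmlentities()`; whether the template escapes `$tGoto` when it re-populates the field is not visible in this hunk and is worth confirming, since it is the same data in a second output context. As in create-alias.php, an explicit charset and quote handling, `htmlentities($address, ENT_QUOTES, 'UTF-8')`, avoids the PHP-version-dependent default and keeps the two files identical. The enclosing POST-handling block starts and ends outside the hunk.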
@ -50,7 +50,7 @@ if (sizeof ($domain_properties) > 0)
|
|||||||
{
|
{
|
||||||
print " <tr class=\"hilightoff\" onMouseOver=\"className='hilighton';\" onMouseOut=\"className='hilightoff';\">\n";
|
print " <tr class=\"hilightoff\" onMouseOver=\"className='hilighton';\" onMouseOut=\"className='hilightoff';\">\n";
|
||||||
print "<td><a href=\"list-virtual.php?domain=" . $domain_properties[$i]['domain'] . "\">" . $domain_properties[$i]['domain'] . "</a></td>";
|
print "<td><a href=\"list-virtual.php?domain=" . $domain_properties[$i]['domain'] . "\">" . $domain_properties[$i]['domain'] . "</a></td>";
|
||||||
print "<td>" . $domain_properties[$i]['description'] . "</td>";
|
print "<td>" . htmlentities($domain_properties[$i]['description']) . "</td>";
|
||||||
print "<td>" . $domain_properties[$i]['alias_count'] . " / " . $domain_properties[$i]['aliases'] . "</td>";
|
print "<td>" . $domain_properties[$i]['alias_count'] . " / " . $domain_properties[$i]['aliases'] . "</td>";
|
||||||
print "<td>" . $domain_properties[$i]['mailbox_count'] . " / " . $domain_properties[$i]['mailboxes'] . "</td>";
|
print "<td>" . $domain_properties[$i]['mailbox_count'] . " / " . $domain_properties[$i]['mailboxes'] . "</td>";
|
||||||
if ($CONF['quota'] == 'YES')
|
if ($CONF['quota'] == 'YES')
|
||||||
|
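Review bot: The unchanged row printed just before the fixed line still emits `$domain_properties[$i]['domain']` raw, once inside the `href` query string and once as the link text, so after this change `description` is the only escaped value on the row. Unless the domain name is constrained to a safe character set when it is stored (create-domain is not part of this diff, so I cannot tell), it deserves the same treatment with the right escaper per context, e.g. `$dom = $domain_properties[$i]['domain'];` followed by `print "<td><a href=\"list-virtual.php?domain=" . urlencode($dom) . "\">" . htmlentities($dom, ENT_QUOTES, 'UTF-8') . "</a></td>";`. The count columns below are printed raw as well, though numeric database values are unlikely to carry markup. The surrounding loop over `$domain_properties` begins and ends outside the hunk.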
@ -41,7 +41,7 @@ if ($edit || $new) { # edit mode
|
|||||||
list($editible,$view,$type)=$fm_struct[$key];
|
list($editible,$view,$type)=$fm_struct[$key];
|
||||||
if ($view){
|
if ($view){
|
||||||
$func="_listview_".$type;
|
$func="_listview_".$type;
|
||||||
print " <td nowrap>" . (function_exists($func)?$func($val):$val) . "</td>\n";
|
print " <td nowrap>" . htmlentities(function_exists($func)?$func($val):$val) . "</td>\n";
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
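Review bot: The new `htmlentities(...)` on the print line wraps the return value of the `_listview_<type>` formatter when one exists, so if any of those helpers (defined outside this hunk) intentionally returns markup, that markup now renders as literal text, and if one of them builds HTML around the stored value, escaping its output is the only thing keeping that value safe. Either confirm that every `_listview_*` helper returns plain text and record that contract next to this line, e.g. `# _listview_* helpers must return plain text: their result is HTML-escaped below`, or move the escaping of `$val` into each helper and keep only the raw `$val` branch escaped here. As elsewhere in this commit, `htmlentities($x, ENT_QUOTES, 'UTF-8')` makes the charset explicit rather than depending on the PHP version's default. The surrounding loop and the `if ($edit || $new)` block start and end outside the hunk.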
@ -314,7 +314,7 @@ if (sizeof ($tMailbox) > 0) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
print " <td>" . $tMailbox[$i]['name'] . "</td>\n";
|
print " <td>" . htmlentities($tMailbox[$i]['name']) . "</td>\n";
|
||||||
if ($CONF['quota'] == 'YES')
|
if ($CONF['quota'] == 'YES')
|
||||||
{
|
{
|
||||||
print " <td>";
|
print " <td>";
|
||||||
|
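Review bot: `htmlentities($tMailbox[$i]['name'])` on the changed print line is another bare `htmlentities()` call with PHP's default charset and ENT_COMPAT flags; a mailbox display name is presumably free-form text, so with the pre-5.4 ISO-8859-1 default a UTF-8 name renders as mojibake and on 5.4+ an invalid byte sequence empties the cell instead of showing the name. `htmlentities($tMailbox[$i]['name'], ENT_QUOTES, 'UTF-8')`, or a small project helper that fixes the charset once and is reused by the other templates touched in this commit, keeps the output stable across PHP versions. The loop over `$tMailbox` starts and ends outside the hunk.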