Skip to content

Commit 13239c2

Browse files
bdalsassbdalsass
committed
N°8201 - [CVE_Request]_Cross-Site-Script Reflected(XSS Reflected at the name="attr_installed" (Low or Medium)
1 parent 81b20ee commit 13239c2

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

pages/UI.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1989,7 +1989,7 @@ function DisplayNavigatorGroupTab($oP)
19891989
{
19901990
$oP->add("<h1>".Dict::S('UI:FatalErrorMessage')."</h1>\n");
19911991
}
1992-
$oP->error(Dict::Format('UI:Error_Details', $e->getHtmlDesc()));
1992+
$oP->error(Dict::Format('UI:Error_Details', Str::pure2html($e->getHtmlDesc())));
19931993
$oP->output();
19941994

19951995
if (MetaModel::IsLogEnabledIssue())
@@ -2025,7 +2025,7 @@ function DisplayNavigatorGroupTab($oP)
20252025
require_once(APPROOT.'/setup/setuppage.class.inc.php');
20262026
$oP = new ErrorPage(Dict::S('UI:PageTitle:FatalError'));
20272027
$oP->add("<h1>".Dict::S('UI:FatalErrorMessage')."</h1>\n");
2028-
$oP->error(Dict::Format('UI:Error_Details', $e->getMessage()));
2028+
$oP->error(Dict::Format('UI:Error_Details', Str::pure2html($e->getMessage())));
20292029
$oP->output();
20302030

20312031
if (MetaModel::IsLogEnabledIssue())

0 commit comments

Comments
 (0)