From 4ec947715d9faafcc71bc3fc3a5022a7919dbabf Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Wed, 09 Sep 2015 03:12:11 -0400
Subject: [PATCH] Fix XSS issue in drag-n-drop file uploads (#1490530)

---
 CHANGELOG | 1 +
 program/js/app.js | 3 ++-
 2 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 33b4713..89da3ca 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -12,6 +12,7 @@
 - Fix support for Mozilla-based browsers, e.g. Pale Moon (#1490517)
 - Fix various issues with Turkish (and similar) locales (#1490519)
 - Fix so In-Reply-To header is set also for MDN receipts (#1490523)
+- Fix XSS issue in drag-n-drop file uploads (#1490530)
 
 RELEASE 1.0.6
 -------------
diff --git a/program/js/app.js b/program/js/app.js
index 603d2f8..3d3eeea 100644
--- a/program/js/app.js
+++ b/program/js/app.js
@@ -7281,7 +7281,8 @@ var submit_data = function()
 {
 var multiple = files.length > 1,
 ts = new Date().getTime(),
- content = '<span>' + (multiple ? ref.get_label('uploadingmany') : files[0].name) + '</span>';
+ // jQuery way to escape filename (#1490530)
+ content = $('<span>').text(multiple ? ref.get_label('uploadingmany') : files[0].name).html();
 
 // add to attachments list
 if (!ref.add2attachment_list(ts, { name:'', html:content, classname:'uploading', complete:false }))
-- 
Gitblit v1.9.1
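Review bot: The new `content` line no longer produces the `<span>` wrapper the removed line did, because `.html()` returns the inner markup of the temporary span (the escaped text only), not the span itself; if the attachment list's styling or any later lookup depends on that wrapper, build it as `content = $('<div>').append($('<span>').text(multiple ? ref.get_label('uploadingmany') : files[0].name)).html();`. The escaping is correct for element content but not for attribute context, since innerHTML serialization leaves quotes in text nodes unescaped, so the added comment should state the limit, e.g. `// filename escaped for element content only (#1490530); never reuse in an attribute`. The `html:content` argument to `add2attachment_list` still means every caller must remember to escape; a `text:` form escaped inside that helper would be the more robust contract, but that helper is outside this hunk. submit_data's body continues past the end of the hunk.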