From ebbef3b12bf9150995d42ebb1bb170b38169b443 Mon Sep 17 00:00:00 2001
From: Andreas Gohr
Date: Sun, 4 May 2008 18:31:49 +0200
Subject: fix for possible XSS vulnerability in html_revisions()

darcs-hash:20080504163149-7ad00-807016f20298b25c1a3df2040b051c02e6ce2d91.gz
---
 inc/html.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
(limited to 'inc/html.php')
diff --git a/inc/html.php b/inc/html.php
index 9ba00b58d..ba4e54d8c 100644
--- a/inc/html.php
+++ b/inc/html.php
@@ -431,9 +431,9 @@ function html_revisions($first=0){
 print ''.$ID.' ';
 print ' – ';
- print $INFO['sum'];
+ print htmlspecialchars($INFO['sum']);
 print ' ';
- print (empty($INFO['editor']))?('('.$lang['external_edit'].')'):$INFO['editor'];
+ print (empty($INFO['editor']))?('('.$lang['external_edit'].')'):htmlspecialchars($INFO['editor']);
 print ' ';
 print '('.$lang['current'].')';
@@ -477,7 +477,7 @@ function html_revisions($first=0){
 print htmlspecialchars($info['sum']);
 print ' ';
 if($info['user']){
- print $info['user'];
+ print htmlspecialchars($info['user']);
 }else{
 print $info['ip'];
 }
@@ -571,7 +571,7 @@ function html_recent($first=0){
 print ' ';
 if($recent['user']){
- print $recent['user'];
+ print htmlspecialchars($recent['user']);
 }else{
 print $recent['ip'];
 }
-- cgit v1.2.3
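Review bot: `$ID` is still concatenated into the output unescaped in the first context line of the `@@ -431` hunk (`print ''.$ID.' ';`), while the two values printed below it are now wrapped in `htmlspecialchars()`. Whether that is safe depends on how `$ID` is normalized before html_revisions() runs, which the hunk does not show; the markup inside the string literals also appears to be missing from this rendering, so the output context cannot be confirmed from here. If `$ID` is guaranteed clean, a comment such as `// $ID is sanitized on input, safe to print as-is` would record that assumption; otherwise escape it the same way with `htmlspecialchars($ID)`. The function body starts and ends outside the hunk.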
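Review bot: The else branch in the `@@ -477` hunk still prints `$info['ip']` raw, and the `@@ -571` hunk in html_recent() does the same with `$recent['ip']`. If the stored address can ever be taken from a client-supplied value such as a forwarded-address header, it is as attacker-influenced as the user name escaped on the line above it; this is an inference, because the code that fills the ip field is not visible here. Escaping both is cheap and keeps the two branches consistent: `print htmlspecialchars($info['ip']);` and `print htmlspecialchars($recent['ip']);`. Both enclosing functions extend beyond their hunks.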