Fix some reflected XSS bugs

fixes #4979
2023-01-11 15:30:03 +01:00 · 2023-01-11 15:30:03 +01:00 · e542982de0
parent 8837fea7a4
commit e542982de0
5 changed files with 31 additions and 21 deletions
--- a/application/views/scripts/form/reorder-authbackend.phtml
+++ b/application/views/scripts/form/reorder-authbackend.phtml
@ -1,4 +1,14 @@
-<form id="<?= $form->getId() ?>" name="<?= $form->getName() ?>" enctype="<?= $form->getEncType() ?>" method="<?= $form->getMethod() ?>" action="<?= $form->getAction() ?>">
+<form id="<?=
+$this->escape($form->getId())
+?>" name="<?=
+$this->escape($form->getName())
+?>" enctype="<?=
+$this->escape($form->getEncType())
+?>" method="<?=
+$this->escape($form->getMethod())
+?>" action="<?=
+$this->escape($form->getAction())
+?>">
  <table class="table-row-selectable common-table" data-base-target="_next">
    <thead>
      <th><?= $this->translate('Backend') ?></th>
--- a/modules/monitoring/application/views/scripts/form/reorder-command-transports.phtml
+++ b/modules/monitoring/application/views/scripts/form/reorder-command-transports.phtml
@ -3,15 +3,15 @@
 /** @var \Icinga\Module\Monitoring\Forms\Config\TransportReorderForm $form */
 ?>
 <form id="<?=
-    $form->getId()
+$this->escape($form->getId())
 ?>" name="<?=
-    $form->getName()
+$this->escape($form->getName())
 ?>" enctype="<?=
-    $form->getEncType()
+$this->escape($form->getEncType())
 ?>" method="<?=
-    $form->getMethod()
+$this->escape($form->getMethod())
 ?>" action="<?=
-    $form->getAction()
+$this->escape($form->getAction())
 ?>">
    <table class="table-row-selectable common-table" data-base-target="_next">
        <thead>
--- a/modules/setup/application/views/scripts/form/setup-modules.phtml
+++ b/modules/setup/application/views/scripts/form/setup-modules.phtml
@ -4,11 +4,11 @@ use Icinga\Web\Wizard;

 ?>
 <form
- id="<?= $form->getName(); ?>"
- name="<?= $form->getName(); ?>"
- enctype="<?= $form->getEncType(); ?>"
- method="<?= $form->getMethod(); ?>"
- action="<?= $form->getAction(); ?>"
+ id="<?= $this->escape($form->getName()); ?>"
+ name="<?= $this->escape($form->getName()); ?>"
+ enctype="<?= $this->escape($form->getEncType()); ?>"
+ method="<?= $this->escape($form->getMethod()); ?>"
+ action="<?= $this->escape($form->getAction()); ?>"
 class="icinga-controls"
 data-progress-element="<?= Wizard::PROGRESS_ELEMENT; ?>"
 >
--- a/modules/setup/application/views/scripts/form/setup-requirements.phtml
+++ b/modules/setup/application/views/scripts/form/setup-requirements.phtml
@ -14,11 +14,11 @@ if (! $form->getWizard()->getRequirements()->fulfilled()) {
 <?= $wizard->getRequirements(); ?>
 <?php endforeach ?>
 <form
- id="<?= $form->getName(); ?>"
- name="<?= $form->getName(); ?>"
- enctype="<?= $form->getEncType(); ?>"
- method="<?= $form->getMethod(); ?>"
- action="<?= $form->getAction(); ?>"
+ id="<?= $this->escape($form->getName()); ?>"
+ name="<?= $this->escape($form->getName()); ?>"
+ enctype="<?= $this->escape($form->getEncType()); ?>"
+ method="<?= $this->escape($form->getMethod()); ?>"
+ action="<?= $this->escape($form->getAction()); ?>"
 data-progress-element="<?= Wizard::PROGRESS_ELEMENT; ?>"
 >
  <?= $form->getElement($form->getTokenElementName()); ?>
--- a/modules/setup/application/views/scripts/form/setup-summary.phtml
+++ b/modules/setup/application/views/scripts/form/setup-summary.phtml
@ -26,11 +26,11 @@ $form->getElement(Wizard::BTN_NEXT)->setAttrib(
 <?php endforeach ?>
 </div>
 <form
- id="<?= $form->getName(); ?>"
- name="<?= $form->getName(); ?>"
- enctype="<?= $form->getEncType(); ?>"
- method="<?= $form->getMethod(); ?>"
- action="<?= $form->getAction(); ?>"
+ id="<?= $this->escape($form->getName()); ?>"
+ name="<?= $this->escape($form->getName()); ?>"
+ enctype="<?= $this->escape($form->getEncType()); ?>"
+ method="<?= $this->escape($form->getMethod()); ?>"
+ action="<?= $this->escape($form->getAction()); ?>"
 data-progress-element="<?= Wizard::PROGRESS_ELEMENT; ?>"
 class="summary"
 >