tyler.durden/loganalyzer
1
0
Fork 0
mirror of https://github.com/rsyslog/loganalyzer.git synced 2025-09-26 11:19:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

reports: Fixed XSS issues in autisummary and logonlogoff report

Browse Source
This commit is contained in:
Andre Lorbach 2016-10-11 15:08:01 +02:00
parent 3f26c3e25a
commit 9eddd8a5d8
2 changed files with 2 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/classes/reports/report.eventlog.auditsummary.class.php
View File

@ -236,7 +236,7 @@ class Report_auditsummary extends Report {
foreach ($content["report_summary"] as &$tmpReportData )
{
$tmpReportData['DisplayName'] = $tmpReportData[SYSLOG_HOST];
$tmpReportData['DisplayName'] = htmlspecialchars($tmpReportData[SYSLOG_HOST]);
$tmpReportData['bgcolor'] = "#BBBBBB"; // $severity_colors[ $tmpReportData[SYSLOG_SEVERITY] ];
$iTotalEvents += $tmpReportData['itemcount'];
@ -433,9 +433,6 @@ class Report_auditsummary extends Report {
$nowtime = microtime_float();
$content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
// Update all Checksums first!
//not needed $this->_streamObj->UpdateAllMessageChecksum();
// TimeStats
$nowtime = microtime_float();
$content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";

5
src/classes/reports/report.eventlog.logonlogoff.class.php
View File

@ -153,7 +153,7 @@ class Report_logonlogoff extends Report {
foreach ($content["report_summary"] as &$tmpReportData )
{
$tmpReportData['DisplayName'] = $tmpReportData[SYSLOG_HOST];
$tmpReportData['DisplayName'] = htmlspecialchars($tmpReportData[SYSLOG_HOST]);
$tmpReportData['bgcolor'] = "#BBBBBB"; // $severity_colors[ $tmpReportData[SYSLOG_SEVERITY] ];
$iTotalEvents += $tmpReportData['itemcount'];
@ -322,9 +322,6 @@ class Report_logonlogoff extends Report {
$nowtime = microtime_float();
$content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
// Update all Checksums first!
//not needed $this->_streamObj->UpdateAllMessageChecksum();
// TimeStats
$nowtime = microtime_float();
$content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";