XSS Vulnerability in app/code/core/Mage/CatalogSearch/Block/Result.php #275
Comments
The text is escaped in the breadcrumbs template. But you're right, it might be better to escape the text on the block level, for people using bad modified templates.
magento-team added a commit that referenced this issue on Jan 31, 2014:
* Modularity improvements:
  * Consolidated all PayPal-related logic in a separate module
  * Resolved dependencies on the Magento_GroupedProduct module
  * Added the ability to enable/disable/remove the Magento_GroupedProduct module without impact on the system
* Implemented the Oyejorge Less.php adapter
* Implemented the Less files importing mechanism
* Added the ability to configure certain cache frontend, and associate it to multiple cache types, thus avoiding the duplication of cache configuration
* Implemented the more strict format of array definition in the DI configuration:
  * Covered array definitions with XSD, and made the whole DI configuration validated with XSD
  * Added the ability to define arrays with keys containing invalid XML characters, that was impossible when keys were represented by the node names
* Fixed bugs:
  * Fixed an issue with missed image for a cron job for the abandoned cart emails
  * Restored the ability to configure cache storage in `local.xml`
  * Fixed an issue with the css\js merging functionality
  * Fixed an issue with customer selection on the order creation page
* AppInterface renamed to LauncherInterface
* Removed the reinit logic from the Config object
* Framework part of the "URL" functionality removed from modules
* Framework part of the "Config" functionality removed from modules
* Removed the deprecated EAV structure creation method from the EAV setup model
* Updated various PHPDoc with parameter and return types
* Indexer implementation:
  * Implemented a new indexer structure
* Refactored Web API Framework to support the Data Object based service interfaces
* Refactored controllers, blocks and templates of the Sales module to use Customer service
* GitHub requests:
  * [#275] (#275) -- XSS Vulnerability in app/code/core/Mage/CatalogSearch/Block/Result.php
* Removed the outdated Customer service
@tomlankhorst, thank you for reporting this issue to us! We have processed it. The fix has been released in version dev63.
The protected function '_prepareLayout' at line 64 uses the non-escaped QueryText for displaying a breadcrumb on the client side. Instead of method 'getQueryText', 'getEscapedQueryText' should be used.
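The following is an added, self-contained illustration of the bug class described in this issue; it is not Magento's code. It models a search-result block that builds a breadcrumb label from the user-supplied query text, once with the raw value (the `getQueryText` path the reporter flags) and once with the HTML-escaped value (the `getEscapedQueryText` path), and renders both through a breadcrumbs template that echoes the label verbatim, which is exactly the "bad modified template" case the maintainer mentions. The class names, the `BreadcrumbsStub` renderer and the sample payload are all assumptions made for the example.

```php
<?php
// Added example, not Magento's code. Models the breadcrumb rendering the
// issue describes so the effect of escaping at block level can be seen.
declare(strict_types=1);

/** Stand-in for the breadcrumbs block: collects crumbs and renders a list. */
final class BreadcrumbsStub
{
    /** @var array<string, array{label: string}> */
    private array $crumbs = [];

    public function addCrumb(string $name, array $info): void
    {
        $this->crumbs[$name] = $info;
    }

    /** A "bad modified template": echoes the label with no escaping at all. */
    public function toHtml(): string
    {
        $items = [];
        foreach ($this->crumbs as $info) {
            $items[] = '<li>' . $info['label'] . '</li>';
        }
        return '<ul class="breadcrumbs">' . implode('', $items) . '</ul>';
    }
}

abstract class SearchResultBase
{
    public function __construct(protected string $rawQuery) {}

    /** Raw query text, straight from the request. */
    public function getQueryText(): string
    {
        return $this->rawQuery;
    }

    /** Query text made safe for an HTML text/attribute context. */
    public function getEscapedQueryText(): string
    {
        return htmlspecialchars($this->rawQuery, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }

    /** Builds the breadcrumb; subclasses pick which accessor to use. */
    abstract protected function prepareLayout(BreadcrumbsStub $breadcrumbs): void;

    public function render(): string
    {
        $breadcrumbs = new BreadcrumbsStub();
        $this->prepareLayout($breadcrumbs);
        return $breadcrumbs->toHtml();
    }
}

/** Before the fix: the raw query lands in the label unescaped. */
final class VulnerableSearchResult extends SearchResultBase
{
    protected function prepareLayout(BreadcrumbsStub $breadcrumbs): void
    {
        $breadcrumbs->addCrumb('search', [
            'label' => "Search results for: '" . $this->getQueryText() . "'",
        ]);
    }
}

/** After the fix: the block escapes, so even a careless template is safe. */
final class FixedSearchResult extends SearchResultBase
{
    protected function prepareLayout(BreadcrumbsStub $breadcrumbs): void
    {
        $breadcrumbs->addCrumb('search', [
            'label' => "Search results for: '" . $this->getEscapedQueryText() . "'",
        ]);
    }
}

// Constructed payload, the kind of value a crafted ?q= parameter would carry.
$payload = '<script>alert(document.cookie)</script>';

$vulnerable = (new VulnerableSearchResult($payload))->render();
$fixed      = (new FixedSearchResult($payload))->render();

echo "vulnerable: {$vulnerable}\n";
echo "fixed:      {$fixed}\n";

// The raw <script> tag survives in the vulnerable output and is encoded in the fixed one.
assert(str_contains($vulnerable, '<script>'));
assert(!str_contains($fixed, '<script>'));
assert(str_contains($fixed, '&lt;script&gt;'));
```

Run it with `php example.php` (PHP 8.0 or later). One practical caveat when moving escaping into the block, as the maintainer suggests: a template that still escapes the label on output will now double-encode it (`&lt;` becomes `&amp;lt;`), which is a display defect rather than a security one; the block-level escape is the one that must never be dropped, because the template cannot be trusted to do it.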