50189 reflected XSS (#846)

onOffice-Web-Org · Jul 9, 2024 · f53aad0 · f53aad0
1 parent b9191e7
commit f53aad0
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/plugin/Gui/AdminPageFormSettingsBase.php b/plugin/Gui/AdminPageFormSettingsBase.php
@@ -60,6 +60,7 @@
 use function __;
 use function esc_sql;
 use function wp_enqueue_script;
+use function esc_attr;
 
 /**
  *
@@ -761,7 +762,7 @@ public function renderContent()
 		$this->generatePageMainTitle( $this->getPageTitle() );
 		echo '<form id="onoffice-ajax" action="' . admin_url( 'admin-post.php' ) . '" method="post">';
 		echo '<input type="hidden" name="action" value="' . get_current_screen()->id . '" />';
-		echo '<input type="hidden" name="record_id" value="' . ( $_GET['id'] ?? 0 ) . '" />';
+		echo '<input type="hidden" name="record_id" value="' . esc_attr( $_GET['id'] ?? 0 ) . '" />';
 		echo '<input type="hidden" name="type" value="' . $this->getType() . '" />';
 		wp_nonce_field( get_current_screen()->id, 'nonce' );
 		wp_nonce_field( 'meta-box-order', 'meta-box-order-nonce', false );

diff --git a/plugin/Gui/AdminPageSettingsBase.php b/plugin/Gui/AdminPageSettingsBase.php
@@ -46,6 +46,7 @@
 use function wp_nonce_field;
 use function wp_register_script;
 use function wp_verify_nonce;
+use function esc_attr;
 
 /**
  *
@@ -173,7 +174,7 @@ public function renderContent()
 		$this->generatePageMainTitle( $this->getPageTitle() );
 		echo '<form id="onoffice-ajax" action="' . admin_url( 'admin-post.php' ) . '" method="post">';
 		echo '<input type="hidden" name="action" value="' . get_current_screen()->id . '" />';
-		echo '<input type="hidden" name="record_id" value="' . ( $_GET['id'] ?? 0 ) . '" />';
+		echo '<input type="hidden" name="record_id" value="' . esc_attr( $_GET['id'] ?? 0 ) . '" />';
 		wp_nonce_field( get_current_screen()->id, 'nonce' );
 		wp_nonce_field( 'meta-box-order', 'meta-box-order-nonce', false );
 		wp_nonce_field( 'closedpostboxes', 'closedpostboxesnonce', false );