Diffstat (limited to 'www-apps/websvn/files/30_CVE-2016-2511.patch')
-rw-r--r--www-apps/websvn/files/30_CVE-2016-2511.patch11
1 files changed, 11 insertions, 0 deletions
diff --git a/www-apps/websvn/files/30_CVE-2016-2511.patch b/www-apps/websvn/files/30_CVE-2016-2511.patch
new file mode 100644
index 000000000000..9c270bbc4582
--- /dev/null
+++ b/www-apps/websvn/files/30_CVE-2016-2511.patch
@@ -0,0 +1,11 @@
+--- orig/include/setup.php 2016-02-19 16:02:05.674756241 +0100
++++ new/include/setup.php 2016-02-19 16:02:10.166832543 +0100
+@@ -467,7 +467,7 @@
+ $vars['validationurl'] = getFullURL($_SERVER['SCRIPT_NAME']).'?'.buildQuery($queryParams + array('template' => $template, 'language' => $language), '%26');
+
+ // To avoid a possible XSS exploit, need to clean up the passed-in path first
+-$path = !empty($_REQUEST['path']) ? $_REQUEST['path'] : null;
++$path = !empty($_REQUEST['path']) ? escape($_REQUEST['path']) : null;
+ if ($path === null || $path === '')
+ $path = '/';
+ $vars['safepath'] = escape($path);
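Review bot: With `escape()` now applied on the `$path` assignment, the unchanged last line `$vars['safepath'] = escape($path);` encodes the value a second time, so unless `escape()` is idempotent a path containing `&`, `<` or a quote would appear double-encoded in `safepath`. Every later use of `$path` in setup.php (outside this hunk, so not verifiable here) also receives the HTML-encoded string instead of the requested one, which presumably breaks repository lookups for such names. Keeping `$path` raw and encoding at each output site would avoid both problems. If input-side encoding stays as the minimal fix, change the last line to `$vars['safepath'] = $path;` and add a comment such as `// $path is HTML-escaped from here on; do not escape again or use it outside HTML output`. The shipped patch also has no header naming its upstream origin or the advisory it addresses, which makes the fix harder to audit later.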