
Commit 864f039

Merge pull request from GHSA-mj9p-v2r8-wf8w
* Update the changelog
  Signed-off-by: Jaime Pérez Crespo <jaime.perez@uninett.no>
* Bump version
  Signed-off-by: Jaime Pérez Crespo <jaime.perez@uninett.no>
* Fix for XSS in email class
  Signed-off-by: Jaime Pérez Crespo <jaime.perez@uninett.no>
* Fix issue with reportId not being properly sanitized
  Signed-off-by: Jaime Pérez Crespo <jaime.perez@uninett.no>
1 parent 752cccf commit 864f039

2 files changed

Lines changed: 5 additions & 1 deletion


lib/SimpleSAML/Utils/EMail.php

Lines changed: 1 addition & 1 deletion
@@ -274,7 +274,7 @@ public function generateBody($template)
274274
</head>
275275
<body>
276276
<div class="container" style="background: #fafafa; border: 1px solid #eee; margin: 2em; padding: .6em;">
277-
' . $this->text . '
277+
' . htmlspecialchars($this->text) . '
278278
</div>
279279
</body>
280280
</html>';
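Review bot: the `htmlspecialchars($this->text)` call at the `+` line relies on PHP's default flags, which (before PHP 8.1) are `ENT_COMPAT` and leave single quotes unescaped; that is safe here because the value lands in element content rather than an attribute, but passing `ENT_QUOTES` explicitly (`htmlspecialchars($this->text, ENT_QUOTES, 'UTF-8')`) makes the intent clear and keeps the fix correct if the markup around it is ever changed. Note also that escaping turns any HTML formatting previously carried in `$this->text` into literal text, so callers that relied on passing markup now need to produce it differently; the method's docblock should state that `$text` is treated as plain text, and if multi-line reports matter for readability, `nl2br()` applied after escaping preserves the line breaks without reopening the injection.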

www/errorreport.php

Lines changed: 4 additions & 0 deletions
@@ -17,6 +17,10 @@
1717
$email = $_REQUEST['email'];
1818
$text = $_REQUEST['text'];
1919

20+
if (!preg_match('/^[0-9a-f]{8}$/', $reportId)) {
21+
throw new \SimpleSAML\Error\Exception('Invalid reportID');
22+
}
23+
2024
$data = null;
2125
try {
2226
$session = \SimpleSAML\Session::getSessionFromRequest();
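Review bot: the pattern `/^[0-9a-f]{8}$/` in the added check accepts a trailing newline, because in PCRE `$` also matches immediately before a final `\n`, so a value such as eight hex characters followed by a newline passes the check; anchor with `\z` or add the `D` (dollar-end-only) modifier, e.g. `preg_match('/^[0-9a-f]{8}\z/', $reportId)`. The variable `$reportId` is not assigned within this hunk, so the check depends on it having been read from the request above line 17 and being a string; if `$_REQUEST` supplies an array instead, `preg_match()` returns `false` with a warning, which still reaches the `throw`, but a brief comment above the check documenting the expected format (eight lowercase hex characters) and the source of `$reportId` would help the next reader.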
