authorFrédéric Buclin <LpSolit@gmail.com>2012-11-13 18:56:26 +0100
committerFrédéric Buclin <LpSolit@gmail.com>2012-11-13 18:56:26 +0100
commit3a3636a8e51513cda6979bf13c02f573d1e9737f (patch)
tree4d312105703db3c8012d53a85f7ce4415e0f1c80 /report.cgi
parentBug 808845 (CVE-2012-5475): [SECURITY] Security vulnerability in YUI's swfsto... (diff)
Bug 790296 (CVE-2012-4189): [SECURITY] Field values are not escaped correctly in tabular reports
r=dkl a=LpSolit
Diffstat (limited to 'report.cgi')
-rwxr-xr-xreport.cgi2
1 files changed, 1 insertions, 1 deletions
diff --git a/report.cgi b/report.cgi
index cc43e66e4..5d5033b7d 100755
--- a/report.cgi
+++ b/report.cgi
@@ -354,5 +354,5 @@ sub get_field_restrictions {
my $field = shift;
my $cgi = Bugzilla->cgi;
- return join('&', map {"$field=$_"} $cgi->param($field));
+ return join('&amp;', map {url_quote($field) . '=' . url_quote($_)} $cgi->param($field));
}
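Review bot: The new return value on the `+` line mixes two encoding layers — each name and value is URL-encoded by url_quote(), but the pieces are joined with the HTML entity `&amp;` — so the string is only correct when a caller drops it straight into HTML without escaping it again (a template `FILTER html` would turn it into `&amp;amp;`), and only a raw `&` is usable anywhere outside HTML; the callers are not visible here, so this is inferred. Whichever contract is intended, the function should state it: add above the `return`, `# Returns an HTML-ready query fragment: components are URL-quoted and joined with '&amp;', so callers must not HTML-escape it again.` A smaller point of style: `url_quote($field)` is recomputed inside the `map` for every value; hoisting it reads better, `my $quoted_field = url_quote($field); return join('&amp;', map { "$quoted_field=" . url_quote($_) } $cgi->param($field));`. This assumes url_quote is imported from Bugzilla::Util earlier in report.cgi, which is outside the hunk, as is the `sub get_field_restrictions {` line itself.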