From 7e07c7dee3072ea537e281ea0355f318ff9c4ad6 Mon Sep 17 00:00:00 2001 From: Mathieu Kooiman Date: Sun, 13 Mar 2016 13:53:20 +0100 Subject: [PATCH 1/4] Fix reflected XSS: /hardware?status=[injectionpoint] --- app/views/backend/hardware/index.blade.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/views/backend/hardware/index.blade.php b/app/views/backend/hardware/index.blade.php index 6d80dc3103..4f054c4183 100755 --- a/app/views/backend/hardware/index.blade.php +++ b/app/views/backend/hardware/index.blade.php @@ -69,7 +69,7 @@ data-url="{{route('api.hardware.list', array(''=>Input::get('status'),'order_number'=>Input::get('order_number')))}}" data-cookie="true" data-click-to-select="true" - data-cookie-id-table="{{ Input::get('status') }}assetTable-{{ Config::get('version.hash_version') }}"> + data-cookie-id-table="{{{ Input::get('status') }}}assetTable-{{ Config::get('version.hash_version') }}">
From ef58de5e8c630295ca1d3c49043477ecc9275bb1 Mon Sep 17 00:00:00 2001 From: Mathieu Kooiman Date: Sun, 13 Mar 2016 13:59:25 +0100 Subject: [PATCH 2/4] Fix self-xss points in /admin/asset_maintenances/create - title, start_date and completion_date were rendered unescaped --- app/views/backend/asset_maintenances/edit.blade.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/app/views/backend/asset_maintenances/edit.blade.php b/app/views/backend/asset_maintenances/edit.blade.php index 03e5383495..6d6095d664 100644 --- a/app/views/backend/asset_maintenances/edit.blade.php +++ b/app/views/backend/asset_maintenances/edit.blade.php @@ -73,7 +73,7 @@
- + {{ $errors->first('title', '
:message') }}
@@ -83,7 +83,7 @@
- + {{ $errors->first('start_date', '
:message') }}
@@ -93,7 +93,7 @@
- + {{ $errors->first('completion_date', '
:message') }}
From 796866fd54146b540b843c00ac12f5c228255c33 Mon Sep 17 00:00:00 2001 From: Mathieu Kooiman Date: Sun, 13 Mar 2016 14:08:57 +0100 Subject: [PATCH 3/4] Fix self-xss possibilities in /admin/licenses/create|edit --- app/views/backend/licenses/edit.blade.php | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/app/views/backend/licenses/edit.blade.php b/app/views/backend/licenses/edit.blade.php index ed689365ba..27eff4b054 100755 --- a/app/views/backend/licenses/edit.blade.php +++ b/app/views/backend/licenses/edit.blade.php @@ -52,7 +52,7 @@
- + {{ $errors->first('name', '
:message') }}
@@ -63,7 +63,7 @@
- + {{ $errors->first('serial', '
:message') }}
@@ -72,7 +72,7 @@
- + {{ $errors->first('license_name', '
:message') }}
@@ -81,7 +81,7 @@
- + {{ $errors->first('license_email', '
:message') }}
@@ -92,7 +92,7 @@
- + {{ $errors->first('seats', '
:message') }}
@@ -122,7 +122,7 @@
- + {{ $errors->first('order_number', '
:message') }}
@@ -131,7 +131,7 @@
- + {{ $errors->first('purchase_date', '
:message') }}
@@ -153,7 +153,7 @@
- + {{ $errors->first('purchase_order', '
:message') }}
@@ -163,7 +163,7 @@
- + {{ $errors->first('expiration_date', '
:message') }}
@@ -197,7 +197,7 @@
- + {{ $errors->first('termination_date', '
:message') }}
From 6020de6321ff0e7d5a059818cc1d5aebdb107d85 Mon Sep 17 00:00:00 2001 From: Mathieu Kooiman Date: Sun, 13 Mar 2016 14:25:46 +0100 Subject: [PATCH 4/4] Fix hard to exploit stored XSS possibility: code wrongly expected people to only be able to submit entries from