From 47b2b0f61b3ad957aac4d8340be0122c02d15e33 Mon Sep 17 00:00:00 2001 From: Markus Friedrich Date: Wed, 5 Apr 2023 13:22:25 +0200 Subject: [PATCH] [BUGFIX:BP:11.5] Sanitize frequent and last searches output Wraps output of frequent searches and last searches in format.htmlentities, to prevent XSS. In rare scenarios there might be issues with unsanitized output of frequent searches and/or last searches, this issues are now solved. The StatisticsWriterProcessor is already sanitizing the stored terms, but as it's possible to use any custom table it should be ensured the data is sanitized. If last searches is activated and configured for global mode, there might be issues too. Though it's required that the prepared query delivers result documents, as EXT:solr will only store the terms if results are found, the output should be sanitized too. Ports: #3590 Resolves: #3589 --- Resources/Private/Partials/Search/FrequentlySearched.html | 2 +- Resources/Private/Partials/Search/LastSearches.html | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Resources/Private/Partials/Search/FrequentlySearched.html b/Resources/Private/Partials/Search/FrequentlySearched.html index ad3d591782..f0f47d1987 100644 --- a/Resources/Private/Partials/Search/FrequentlySearched.html +++ b/Resources/Private/Partials/Search/FrequentlySearched.html @@ -19,7 +19,7 @@ diff --git a/Resources/Private/Partials/Search/LastSearches.html b/Resources/Private/Partials/Search/LastSearches.html index e2bbc9f35a..873e9dce5d 100644 --- a/Resources/Private/Partials/Search/LastSearches.html +++ b/Resources/Private/Partials/Search/LastSearches.html @@ -20,7 +20,7 @@
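Review bot: the hunk body for Resources/Private/Partials/Search/FrequentlySearched.html (@@ -19,7 +19,7 @@) is not reproduced in this rendering, so the `format.htmlentities` wrapping described in the commit message cannot be checked against the template line it replaces; before merging, confirm the diff really touches the term output at line 19 and that no other line in the partial emits the same value unescaped, otherwise the XSS fix is incomplete for the frequent-searches output.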
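Review bot: for the Resources/Private/Partials/Search/LastSearches.html hunk (@@ -20,7 +20,7 @@), the commit message states that StatisticsWriterProcessor already sanitizes stored terms, so escaping the same values again with `format.htmlentities` at output can double-encode terms written by that processor (an `&amp;` stored in the table would render literally); either decide on one escaping layer (raw storage, escape on output) and document that custom tables must store raw terms, or decode on read, and add a test with a term containing `<` and `&` covering both the default table and the global mode mentioned in the message.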