Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

XSS Vulnerability in app/code/core/Mage/CatalogSearch/Block/Result.php #275

Closed
tomlankhorst opened this issue Apr 4, 2013 · 2 comments
Closed

XSS Vulnerability in app/code/core/Mage/CatalogSearch/Block/Result.php #275

tomlankhorst opened this issue Apr 4, 2013 · 2 comments

Comments

@tomlankhorst
Copy link

The protected function '_prepareLayout' at line 64 uses the non-escaped QueryText for displaying a breadcrumb at client-side. Instead of method 'getQueryText', 'getEscapedQueryText' should be used.
@hectorj
Copy link

hectorj commented Apr 4, 2013

The text is escaped in the breadcrumbs template. But you're right, it might be better to escape the text on the block level, for people using bad modified templates.

magento-team added a commit that referenced this issue Jan 31, 2014
@magento-team
2.0.0.0-dev63
75b80bc 
* Modularity improvements:
  * Consolidated all PayPal-related logic in a separate module
  * Resolved dependencies on the Magento_GroupedProduct module
  * Added the ability to enable/disable/remove the Magento_GroupedProduct module without impact on the system
* Implemented the Oyejorge Less.php adapter
* Implemented the Less files importing mechanism
* Added the ability to configure certain cache frontend, and associate it to multiple cache types, thus avoiding the duplication of cache configuration
* Implemented the more strict format of array definition in the DI configuration:
  * Covered array definitions with XSD, and made the whole DI configuration validated with XSD
  * Added the ability to define arrays with keys containing invalid XML characters, that was impossible when keys were represented by the node names
* Fixed bugs:
  * Fixed an issue with missed image for a cron job for the abandoned cart emails
  * Restored the ability to configure cache storage in `local.xml`
  * Fixed an issue with the css\js merging functionality
  * Fixed an issue with customer selection on the order creation page
* AppInterface renamed to LauncherInterface
* Removed the reinit logic from the Config object
* Framework part of the "URL" functionality removed from modules
* Framework part of the "Config" functionality removed from modules
* Removed the deprecated EAV structure creation method from the EAV setup model
* Updated various PHPDoc with parameter and return types
* Indexer implementation:
  * Implemented a new indexer structure
* Refactored Web API Framework to support the Data Object based service interfaces
* Refactored controllers, blocks and templates of the Sales module to use Customer service
* GitHub requests:
  * [#275] (#275) -- XSS Vulnerability in app/code/core/Mage/CatalogSearch/Block/Result.php
* Removed the outdated Customer service
@verklov
Copy link
Contributor

verklov commented Jan 31, 2014

@tomlankhorst , thank you for reporting this issue to us! We have processed it. The fix has been released in version dev63.

@verklov verklov closed this as completed Jan 31, 2014
vpelipenko added a commit that referenced this issue May 15, 2015
@vpelipenko
Merge pull request #275 from magento-dragons/S65
6ab300f 
[Dragons] Sprint 65\66
magento-team pushed a commit that referenced this issue Jan 5, 2016
@irenelagno
Merge pull request #275 from magento-folks/bugs
11dcb28 
[Folks] Bugfix
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@tomlankhorst @hectorj @verklov