rpms / doxygen

Clone
Source Code
GIT

Blame SOURCES/doxygen-1.8.5-CVE-2016-10245-cross-site-scripting.patch

c4 c5 c5-plus c6 c6-plus c7 c7-beta c8 c8-beta c8s c9 c9-beta c9s-sig-hyperscale
  1.   c7
  2.   SOURCES
  3.   doxygen-1.8.5-CVE-2016-10245-cross-site-scripting.patch
Blob History Raw
8db5a0 
diff -up doxygen-1.8.5/src/search_opensearch.php.than doxygen-1.8.5/src/search_opensearch.php
8db5a0 
--- doxygen-1.8.5/src/search_opensearch.php.than	2019-07-25 13:23:49.988957523 +0200
8db5a0 
+++ doxygen-1.8.5/src/search_opensearch.php	2019-07-25 13:24:16.842105308 +0200
8db5a0 
@@ -3,6 +3,7 @@ require "search-functions.php";
8db5a0
8db5a0 
 $mode = array_key_exists('v', $_GET)?$_GET['v']:"";
8db5a0 
 $query = array_key_exists('query', $_GET)?$_GET['query']:"";
8db5a0 
+$query = preg_replace("/[^a-zA-Z0-9\-\_\.\x80-\xFF]/i", " ", $query );
8db5a0
8db5a0 
 $query_results = run_query($query);
8db5a0

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation