[Moin-devel] CVS: MoinMoin userform.py,1.19,1.20 wikimacro.py,1.47,1.48

Jürgen Hermann jhermann at users.sourceforge.net
Thu Jul 11 09:26:28 EDT 2002


Update of /cvsroot/moin/MoinMoin
In directory usw-pr-cvs1:/tmp/cvs-serv18761/MoinMoin

Modified Files:
	userform.py wikimacro.py 
Log Message:
Removed two cross-site scripting vulnerabilities reported by "Yuki"


Index: userform.py
===================================================================
RCS file: /cvsroot/moin/MoinMoin/userform.py,v
retrieving revision 1.19
retrieving revision 1.20
diff -C2 -r1.19 -r1.20
*** userform.py	12 Jun 2002 21:09:48 -0000	1.19
--- userform.py	11 Jul 2002 16:25:36 -0000	1.20
***************
*** 9,13 ****
  
  # Imports
! import os, string, time
  from MoinMoin import config, user, util, webapi, wikiutil
  from MoinMoin.i18n import _, languages
--- 9,13 ----
  
  # Imports
! import os, string, time, cgi
  from MoinMoin import config, user, util, webapi, wikiutil
  from MoinMoin.i18n import _, languages
***************
*** 391,395 ****
  
      data.update(formtext)
!     data.update(vars(request.user))
      result = htmlform % data
  
--- 391,396 ----
  
      data.update(formtext)
!     for key, val in vars(request.user).items():
!         data[key] = cgi.escape(str(val), quote=1)
      result = htmlform % data
  
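Review bot: The rewritten loop at `for key, val in vars(request.user).items():` still copies every attribute of the user object into the template dictionary, only escaped now; since `htmlform % data` can only consume the keys the form names, an explicit list of those keys would keep attributes added to the user class later (or internal state that has no business on the page) from being pulled in by a template typo. Two smaller points on the same two lines: `cgi.escape(..., quote=1)` escapes `&`, `<`, `>` and `"` but not `'`, so every `%(name)s` substitution in `htmlform` must sit in element text or inside a double-quoted attribute, which is worth a comment next to the escape; and `str(val)` on a non-string attribute (`None`, a list, an integer) puts its Python representation into the form, which is presumably fine for the fields the template uses but deserves a note as well.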

Index: wikimacro.py
===================================================================
RCS file: /cvsroot/moin/MoinMoin/wikimacro.py,v
retrieving revision 1.47
retrieving revision 1.48
diff -C2 -r1.47 -r1.48
*** wikimacro.py	10 Jul 2002 01:52:22 -0000	1.47
--- wikimacro.py	11 Jul 2002 16:25:36 -0000	1.48
***************
*** 93,96 ****
--- 93,98 ----
  
      def _m_search(self, type):
+         import cgi
+ 
          if self.form.has_key('value'):
              default = self.form["value"].value
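Review bot: Style: the function-local `import cgi` added at the top of `_m_search` is inconsistent with userform.py in the same commit, which imports `cgi` at module level alongside `os, string, time`; moving it to this module's import block keeps the two files on one convention and avoids the per-call import. The value being protected, `default = self.form["value"].value`, comes straight from the request, so a short comment here that it is untrusted and escaped at the point of output would help the next reader.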
***************
*** 110,114 ****
              '<input name="value" size="30" value="%s"> '
              '<input type="submit" value="%s">'
!             '%s</form>') % (type, default, _("Go"), boxes))
  
      def _macro_GoTo(self, args):
--- 112,116 ----
              '<input name="value" size="30" value="%s"> '
              '<input type="submit" value="%s">'
!             '%s</form>') % (type, cgi.escape(default, quote=1), _("Go"), boxes))
  
      def _macro_GoTo(self, args):
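Review bot: Only `default` is escaped in the new tuple `(type, cgi.escape(default, quote=1), _("Go"), boxes)`, while `type` and `boxes` are substituted into the same format string unescaped; if both are always built from constants that is fine, but a one-line comment stating so (or escaping them too, which costs nothing) would make the reasoning explicit. `cgi.escape` with `quote=1` does not touch `'`, so this fix relies on `value="%s"` staying double-quoted; keep that in mind if the markup is ever changed to single-quoted attributes. Finally, `cgi.escape` expects a string, so if the branch that sets `default` when the form carries no `value` key ever yields a non-string this line will raise; `cgi.escape(str(default), quote=1)`, as done in userform.py, is the more defensive form.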
