authorAndrejs Griščenko <andrejs.griscenko@zabbix.com>2021-12-07 18:56:48 +0300
committerAndrejs Griščenko <andrejs.griscenko@zabbix.com>2021-12-07 18:56:48 +0300
commit83e05df14ac1a1663863438df83d155617c496e5 (patch)
tree3d4ac86909cd49997ec88983f14800f5af6081a3
parentca9c16ad22348e09d70eb47092cb377a7fca74b8 (diff)
parentdb33659eb5e492350f5726e19b2a9aed69a6db38 (diff)
..F....... [ZBX-20278] fixed XSS attack vulnerability in scheduled report configuration form
* commit 'db33659eb5e492350f5726e19b2a9aed69a6db38': ..F....... [ZBX-20278] fixed translation strings being set as HTML .D........ [ZBX-20278] added changelog file ..F....... [ZBX-20278] fixed XSS attack vulnerability in scheduled report configuration form
-rw-r--r--ChangeLog.d/bugfix/ZBX-202781
-rw-r--r--ui/app/partials/js/configuration.valuemap.js.php2
-rw-r--r--ui/app/partials/js/scheduledreport.subscription.js.php14
-rw-r--r--ui/app/views/js/administration.userrole.edit.js.php2
-rw-r--r--ui/app/views/js/reports.scheduledreport.edit.js.php4
5 files changed, 12 insertions, 11 deletions
diff --git a/ChangeLog.d/bugfix/ZBX-20278 b/ChangeLog.d/bugfix/ZBX-20278
new file mode 100644
index 00000000000..4b04e7bdb22
--- /dev/null
+++ b/ChangeLog.d/bugfix/ZBX-20278
@@ -0,0 +1 @@
+..F....... [ZBX-20278] fixed XSS attack vulnerability in scheduled report configuration form (agriscenko)
diff --git a/ui/app/partials/js/configuration.valuemap.js.php b/ui/app/partials/js/configuration.valuemap.js.php
index d53d24be2e2..3f243c653f3 100644
--- a/ui/app/partials/js/configuration.valuemap.js.php
+++ b/ui/app/partials/js/configuration.valuemap.js.php
@@ -103,7 +103,7 @@ var AddValueMap = class {
const btn = document.createElement('button');
btn.type = 'button';
btn.classList.add('btn-link', 'element-table-remove');
- btn.innerHTML = <?= json_encode(_('Remove')) ?>;
+ btn.innerText = <?= json_encode(_('Remove')) ?>;
btn.addEventListener('click', () => this.row.remove());
cell.appendChild(btn);
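Review bot: `innerText` is the heavier sink for this replacement: its setter turns every line break in the assigned string into a `<br>` element and, being layout-aware, it forces a style/layout computation on access, whereas `textContent` inserts a single text node with no layout cost and is the conventional choice for opaque or untrusted text. The translated label here is harmless either way, but the same `innerText` assignment is applied to server-supplied names in the scheduledreport.subscription.js.php hunks (`recipient_name`, `creator_name`) and in reports.scheduledreport.edit.js.php (`current_user_name`), where a name containing a newline would render as a line break rather than as the literal string, and to the button labels in administration.userrole.edit.js.php. Changing each to the `textContent` form, e.g. `btn.textContent = <?= json_encode(_('Remove')) ?>;`, keeps the XSS fix and avoids that. The enclosing AddValueMap method starts and ends outside the hunk.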
diff --git a/ui/app/partials/js/scheduledreport.subscription.js.php b/ui/app/partials/js/scheduledreport.subscription.js.php
index 918f4be497b..dd81e46d414 100644
--- a/ui/app/partials/js/scheduledreport.subscription.js.php
+++ b/ui/app/partials/js/scheduledreport.subscription.js.php
@@ -112,7 +112,7 @@
}
}
- recipient.innerHTML = this.data.recipient_name;
+ recipient.innerText = this.data.recipient_name;
recipient.setAttribute('title', this.data.recipient_name);
cell.appendChild(icon);
@@ -129,7 +129,7 @@
const cell = document.createElement('td');
const span = document.createElement('span');
- span.innerHTML = this.data.creator_name;
+ span.innerText = this.data.creator_name;
span.setAttribute('title', this.data.creator_name);
if (this.data.creator_type == <?= ZBX_REPORT_CREATOR_TYPE_RECIPIENT ?> || this.data.creator_inaccessible) {
@@ -162,12 +162,12 @@
const input = status.parentNode.querySelector('[name*=exclude]');
if (input.value == <?= ZBX_REPORT_EXCLUDE_USER_TRUE ?>) {
- status.innerHTML = <?= json_encode(_('Include')) ?>;
+ status.innerText = <?= json_encode(_('Include')) ?>;
status.classList.replace('<?= ZBX_STYLE_RED ?>', '<?= ZBX_STYLE_GREEN ?>');
input.value = <?= ZBX_REPORT_EXCLUDE_USER_FALSE ?>
}
else {
- status.innerHTML = <?= json_encode(_('Exclude')) ?>;
+ status.innerText = <?= json_encode(_('Exclude')) ?>;
status.classList.replace('<?= ZBX_STYLE_GREEN ?>', '<?= ZBX_STYLE_RED ?>');
input.value = <?= ZBX_REPORT_EXCLUDE_USER_TRUE ?>
}
@@ -178,11 +178,11 @@
}
if (this.data.exclude == <?= ZBX_REPORT_EXCLUDE_USER_FALSE ?>) {
- status.innerHTML = <?= json_encode(_('Include')) ?>;
+ status.innerText = <?= json_encode(_('Include')) ?>;
status.classList.add('<?= ZBX_STYLE_GREEN ?>');
}
else {
- status.innerHTML = <?= json_encode(_('Exclude')) ?>;
+ status.innerText = <?= json_encode(_('Exclude')) ?>;
status.classList.add('<?= ZBX_STYLE_RED ?>');
}
@@ -198,7 +198,7 @@
btn.type = 'button';
btn.classList.add('<?= ZBX_STYLE_BTN_LINK ?>');
- btn.innerHTML = <?= json_encode(_('Remove')) ?>;
+ btn.innerText = <?= json_encode(_('Remove')) ?>;
if (allowed_edit) {
btn.addEventListener('click', () => {
diff --git a/ui/app/views/js/administration.userrole.edit.js.php b/ui/app/views/js/administration.userrole.edit.js.php
index 9cef21183e8..1c105e170d6 100644
--- a/ui/app/views/js/administration.userrole.edit.js.php
+++ b/ui/app/views/js/administration.userrole.edit.js.php
@@ -137,7 +137,7 @@
.forEach((element) => { element.remove(); });
const update_btn = document.querySelector('#update');
- update_btn.innerHTML = <?= json_encode(_('Add')) ?>;
+ update_btn.innerText = <?= json_encode(_('Add')) ?>;
update_btn.setAttribute('value', 'userrole.create');
update_btn.setAttribute('id', 'add');
diff --git a/ui/app/views/js/reports.scheduledreport.edit.js.php b/ui/app/views/js/reports.scheduledreport.edit.js.php
index b1cf0050447..c26d7e37907 100644
--- a/ui/app/views/js/reports.scheduledreport.edit.js.php
+++ b/ui/app/views/js/reports.scheduledreport.edit.js.php
@@ -47,7 +47,7 @@
}
else if (row.querySelector('[name*=creator_type]').value == <?= ZBX_REPORT_RECIPIENT_TYPE_USER ?>) {
const creator = row.querySelector('[name*=creatorid]').parentNode.querySelector('span');
- creator.innerHTML = current_user_name;
+ creator.innerText = current_user_name;
creator.setAttribute('title', current_user_name);
creator.classList.remove('<?= ZBX_STYLE_GREY ?>');
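Review bot: The change only hardens the DOM sink; `current_user_name` is defined outside the hunk, and if it is written into the script from PHP it needs to be emitted via `json_encode()` (as the other hunks do for translated labels) rather than interpolated as a raw string, otherwise the value reaches the page as script source before `innerText` is ever involved. Worth confirming at the definition site, ideally with `JSON_HEX_TAG` alongside the default slash escaping so a name is safe inside a `<script>` block; the `title` attribute set through `setAttribute` on the next line is fine as written. The enclosing `else if` branch and its function start and end outside the hunk.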
@@ -130,7 +130,7 @@
const update_btn = document.querySelector('#update');
update_btn.setAttribute('id', 'add');
update_btn.setAttribute('value', 'scheduledreport.create');
- update_btn.innerHTML = <?= json_encode(_('Add')) ?>;
+ update_btn.innerText = <?= json_encode(_('Add')) ?>;
document.querySelectorAll('#reportid, #clone, #delete').forEach((elem) => { elem.remove(); });
});