Commit f8813fc6 authored by Byron Jones's avatar Byron Jones Committed by Dave Lawrence

Bug 697699 - (CVE-2011-3657) [SECURITY] XSS when viewing new charts or tabular…

Bug 697699 - (CVE-2011-3657) [SECURITY] XSS when viewing new charts or tabular and graphical reports in debug mode r=gerv, a=LpSolit
parent c6015408
...@@ -438,7 +438,7 @@ sub dump { ...@@ -438,7 +438,7 @@ sub dump {
require Data::Dumper; require Data::Dumper;
say "<pre>Bugzilla::Chart object:"; say "<pre>Bugzilla::Chart object:";
print Data::Dumper::Dumper($self); print html_quote(Data::Dumper::Dumper($self));
print "</pre>"; print "</pre>";
} }
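Review bot: `html_quote` is now called inside `dump`, but the hunk does not show it being imported into this package, so confirm the file has it in scope (in Bugzilla it is exported by `Bugzilla::Util`); if it is missing, the debug path would die at runtime instead of printing. The body of `dump` begins outside the hunk, so this cannot be checked from the visible lines. It would also help to add a comment above the print, for example `# $self holds request-derived fields; escape the dump before writing it into the page.`, so a later cleanup does not drop the escaping again.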
......
...@@ -288,9 +288,9 @@ print $cgi->header(-type => $format->{'ctype'}, ...@@ -288,9 +288,9 @@ print $cgi->header(-type => $format->{'ctype'},
if ($cgi->param('debug')) { if ($cgi->param('debug')) {
require Data::Dumper; require Data::Dumper;
say "<pre>data hash:"; say "<pre>data hash:";
say Data::Dumper::Dumper(%data); say html_quote(Data::Dumper::Dumper(%data));
say "\ndata array:"; say "\ndata array:";
say Data::Dumper::Dumper(@image_data) . "\n\n</pre>"; say html_quote(Data::Dumper::Dumper(@image_data)) . "\n\n</pre>";
} }
# All formats point to the same section of the documentation. # All formats point to the same section of the documentation.
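Review bot: The debug branch is entered on `if ($cgi->param('debug'))` alone, and the hunk shows no check on who is asking, so the escaped dump of `%data` and `@image_data` is still returned to any caller who supplies that parameter. If nothing earlier in the script restricts this (not visible here), consider gating the branch on an authenticated or privileged user. The dump is also printed after a header whose type comes from `$format->{'ctype'}`, so HTML escaping is only the right encoding when that type is HTML. As a style point, `Dumper(%data)` flattens the hash into separate `$VARn` values; `html_quote(Data::Dumper::Dumper(\%data))`, and likewise `\@image_data`, would print one readable structure each.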
......