#3050 XSS in Reports names
Patrykb0802 committed Nov 22, 2024
1 parent ef7dc3c commit 65ceac1
Showing 3 changed files with 4 additions and 4 deletions.
2 changes: 1 addition & 1 deletion WebContent/WEB-INF/ftl/report/reportChart.ftl
Expand Up @@ -87,7 +87,7 @@
<td>
<table>
<tr>
<td colspan="2"><h1>${instance.name}</h1></td>
<td colspan="2"><h1>${escapeHtml.escapeHtml(instance.name)}</h1></td>
</tr>
<tr>
<td class="label"><@fmt key="reports.runTimeStart"/></td>
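Review bot: `${escapeHtml.escapeHtml(instance.name)}` makes reportChart.ftl depend on a `Security` object being present in the model under the key `escapeHtml`, so any other code path that renders this template without putting it there will fail at render time rather than fall back to unescaped output. FreeMarker's built-in `?html` expresses the same output encoding without the extra model entry: `<td colspan="2"><h1>${instance.name?html}</h1></td>`. Since the DAO change in this commit stops escaping the name on read, every other view that prints a report instance name now needs its own output encoding; this template covers only `instance.name`, and whether other sinks exist is worth confirming as part of this fix.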
2 changes: 2 additions & 0 deletions src/com/serotonin/mango/vo/report/ReportChartCreator.java
Expand Up @@ -35,6 +35,7 @@
import freemarker.template.Template;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.directwebremoting.Security;
import org.jfree.data.time.TimeSeries;
import org.scada_lts.mango.service.SystemSettingsService;
import org.scada_lts.utils.ColorUtils;
Expand Down Expand Up @@ -123,6 +124,7 @@ public void createContent(ReportInstance reportInstance, ReportDao reportDao, St
model.put("instance", reportInstance);
model.put("points", pointStatistics);
model.put("inline", inlinePrefix == null ? "" : "cid:");
model.put("escapeHtml", new Security());

model.put("ALPHANUMERIC", DataTypes.ALPHANUMERIC);
model.put("BINARY", DataTypes.BINARY);
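Review bot: `model.put("escapeHtml", new Security())` instantiates DWR's `Security` only so the template can reach `escapeHtml`, which the static import removed from ReportInstanceDAO in this same commit shows is a static method; the instance adds nothing and couples report generation to the remoting library. If the template used FreeMarker's `?html` built-in instead, this entry and the new `org.directwebremoting.Security` import in the first hunk would both be unnecessary. If the model entry is kept, it needs a comment stating its purpose, e.g. `// exposed to reportChart.ftl for HTML-encoding untrusted report names; the DAO no longer escapes them on read`. createContent's body continues outside the hunk.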
4 changes: 1 addition & 3 deletions src/org/scada_lts/dao/report/ReportInstanceDAO.java
Expand Up @@ -44,8 +44,6 @@
import com.serotonin.mango.rt.event.EventInstance;
import com.serotonin.mango.vo.report.ReportInstance;

import static org.directwebremoting.Security.escapeHtml;

/**
* DAO for ReportInstance
*
Expand Down Expand Up @@ -156,7 +154,7 @@ public ReportInstance mapRow(ResultSet rs, int rowNum) throws SQLException {
ReportInstance reportInstance = new ReportInstance();
reportInstance.setId(rs.getInt(COLUMN_NAME_ID));
reportInstance.setUserId(rs.getInt(COLUMN_NAME_USER_ID));
reportInstance.setName(escapeHtml(rs.getString(COLUMN_NAME_NAME)));
reportInstance.setName(rs.getString(COLUMN_NAME_NAME));
reportInstance.setIncludeEvents(rs.getInt(COLUMN_NAME_INCLUDE_EVENTS));
reportInstance.setIncludeUserComments(DAO.charToBool(rs.getString(COLUMN_NAME_INCLUDE_USER_COMMENTS)));
reportInstance.setReportStartTime(rs.getLong(COLUMN_NAME_REPORT_START_TIME));
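Review bot: `reportInstance.setName(rs.getString(COLUMN_NAME_NAME))` now returns the stored name unmodified, which is the right layer for it, but the hunk gives no hint that escaping was deliberately moved to output time, so a later reader may re-add it here. A comment on that line would preserve the intent: `// stored as-is: HTML-encode at the output sink (see reportChart.ftl), not on read`. Every consumer of `ReportInstance.getName()` other than reportChart.ftl now receives an unencoded value and must encode it itself; that should be checked across the codebase rather than assumed. mapRow's body continues outside the hunk.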

0 comments on commit 65ceac1

Please sign in to comment.