From 047ce9fa4a7c13f3883438aaf54fc50f287a7e8e Mon Sep 17 00:00:00 2001
From: Thomas Mortagne
Date: Thu, 14 Apr 2022 16:30:04 +0200
Subject: [PATCH] XWIKI-19612: XSS in the attachment history
---
 .../src/main/resources/templates/viewattachrev.vm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/xwiki-platform-core/xwiki-platform-web/xwiki-platform-web-templates/src/main/resources/templates/viewattachrev.vm b/xwiki-platform-core/xwiki-platform-web/xwiki-platform-web-templates/src/main/resources/templates/viewattachrev.vm
index 63b45b51e74f..3d7b5eacef87 100644
--- a/xwiki-platform-core/xwiki-platform-web/xwiki-platform-web-templates/src/main/resources/templates/viewattachrev.vm
+++ b/xwiki-platform-core/xwiki-platform-web/xwiki-platform-web-templates/src/main/resources/templates/viewattachrev.vm
@@ -20,7 +20,7 @@ #template("startpage.vm")
-

$services.localization.render("core.viewers.attachments.revisions", [$attachment.filename])

+

$services.localization.render("core.viewers.attachments.revisions", [$escapetool.xml($attachment.filename)])

#if ("$tdoc.realLocale" != '') #set($lang = "&language=${tdoc.realLocale}") #else @@ -40,7 +40,7 @@ #set($url = $doc.getAttachmentRevisionURL("${attachment.filename}", ${version.toString()})) #end #if ($attachment.isImage()) - ${attachment.filename} + ${escapetool.xml($attachment.filename)} #else #mimetypeimg($attachment.getMimeType().toLowerCase() $attachment.getFilename().toLowerCase()) #end
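Review bot: The new line escapes the argument rather than the rendered text, so the `core.viewers.attachments.revisions` translation itself still reaches the page unescaped and remains safe only as long as the translation bundles are trusted. If the heading does not need markup from the translation, the more defensive form is to escape the whole result, `$escapetool.xml($services.localization.render("core.viewers.attachments.revisions", [$attachment.filename]))`, which covers both the parameter and the bundle text. A short comment on the line, `## file name is user-controlled: escape before writing it into the page`, would record why the parameter is wrapped. The HTML markup surrounding the `-`/`+` lines appears to have been stripped in this rendering, so the element the title is written into cannot be checked here.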
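Review bot: Only the image branch's occurrence of the file name is escaped on the new side; the `#else` branch still passes `$attachment.getFilename().toLowerCase()` unescaped to `#mimetypeimg`, and `$url`, built two lines earlier from the same file name, is presumably written into an attribute in markup that this rendering has stripped. Whether `#mimetypeimg` escapes its arguments cannot be seen from this hunk; if it writes the name into the page, it needs the same `$escapetool.xml` treatment, and if `$url` goes into a `src`/`href` attribute it should be emitted as `$escapetool.xml($url)`, since a revision URL may carry query parameters. Applying the escaping at every point where the file name or a value derived from it is written, rather than only at the reported one, is what closes this class of issue for the template.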