mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-13 17:39:57 +00:00
phpmyadmin: fix CVE-2023-25727
In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface. Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-25727 Upstream patch: https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e Signed-off-by: Dragos-Marian Panait <dragos.panait@windriver.com> Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
Dragos-Marian Panait
committed by
Armin Kuster
Armin Kuster
parent
496d23c0fc
commit
99047e44ce
@@ -0,0 +1,37 @@
|
|||||||
|
From 0842f11158699a979437125756b26eeabedab9ab Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Maur=C3=ADcio=20Meneghini=20Fauth?= <mauricio@fauth.dev>
|
||||||
|
Date: Fri, 5 Aug 2022 20:18:16 -0300
|
||||||
|
Subject: [PATCH] Fix not escaped title when using drag and drop upload
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Signed-off-by: Maurício Meneghini Fauth <mauricio@fauth.dev>
|
||||||
|
|
||||||
|
Upstream-Status: Backport
|
||||||
|
CVE: CVE-2023-25727
|
||||||
|
|
||||||
|
Reference to upstream patch:
|
||||||
|
https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e
|
||||||
|
|
||||||
|
Signed-off-by: Dragos-Marian Panait <dragos.panait@windriver.com>
|
||||||
|
---
|
||||||
|
js/src/drag_drop_import.js | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/js/src/drag_drop_import.js b/js/src/drag_drop_import.js
|
||||||
|
index 55250c2..9b8710e 100644
|
||||||
|
--- a/js/src/drag_drop_import.js
|
||||||
|
+++ b/js/src/drag_drop_import.js
|
||||||
|
@@ -130,7 +130,7 @@ var DragDropImport = {
|
||||||
|
var filename = $this.parent('span').attr('data-filename');
|
||||||
|
$('body').append('<div class="pma_drop_result"><h2>' +
|
||||||
|
Messages.dropImportImportResultHeader + ' - ' +
|
||||||
|
- filename + '<span class="close">x</span></h2>' + value.message + '</div>');
|
||||||
|
+ Functions.escapeHtml(filename) + '<span class="close">x</span></h2>' + value.message + '</div>');
|
||||||
|
$('.pma_drop_result').draggable(); // to make this dialog draggable
|
||||||
|
}
|
||||||
|
});
|
||||||
|
--
|
||||||
|
2.39.1
|
||||||
|
|
||||||
@@ -9,6 +9,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
|
|||||||
|
|
||||||
SRC_URI = "https://files.phpmyadmin.net/phpMyAdmin/${PV}/phpMyAdmin-${PV}-all-languages.tar.xz \
|
SRC_URI = "https://files.phpmyadmin.net/phpMyAdmin/${PV}/phpMyAdmin-${PV}-all-languages.tar.xz \
|
||||||
file://apache.conf \
|
file://apache.conf \
|
||||||
|
file://CVE-2023-25727.patch \
|
||||||
"
|
"
|
||||||
|
|
||||||
SRC_URI[sha256sum] = "c562feddc0f8ff5e69629113f273a0d024a65fb928c48e89ce614744d478296f"
|
SRC_URI[sha256sum] = "c562feddc0f8ff5e69629113f273a0d024a65fb928c48e89ce614744d478296f"
|
||||||
|
|||||||
Reference in New Issue
Block a user