https://issues.apache.org/bugzilla/show_bug.cgi?id=56532

            Bug ID: 56532
           Summary: Improper Neutralization of Input in
                    mod_proxy_balancer.c (XSS)
           Product: Apache httpd-2
           Version: 2.4.9
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_proxy_balancer
          Assignee: [email protected]
          Reporter: [email protected]

An incomplete fix for CVE-2012-4558 has been located in revision 1413732

mod_proxy_balancer.c

----------
        if (wsel && bsel) {
            ap_rputs("<h3>Edit worker settings for ", r);
            ap_rvputs(r, (*wsel->s->uds_path?"<i>":""),
                      ap_proxy_worker_name(r->pool, wsel),
                      (*wsel->s->uds_path?"</i>":""), "</h3>\n", NULL);
            ap_rputs("<form method=\"POST\" enctype=\"application/x-www-form-urlencoded\" action=\"", r);
            ap_rvputs(r, ap_escape_uri(r->pool, action), "\">\n", NULL);
----------

ap_escape_uri() has been added to the variable 'action', but in the code there
is another use of 'action'

----------
        } else if (bsel) {
            const apr_array_header_t *provs;
            const ap_list_provider_names_t *pname;
            int i;
            ap_rputs("<h3>Edit balancer settings for ", r);
            ap_rvputs(r, bsel->s->name, "</h3>\n", NULL);
            ap_rputs("<form method='POST' enctype='application/x-www-form-urlencoded' action='", r);
            ap_rvputs(r, action, "'>\n", NULL);
----------

Should this be patched?

BR,
Maksymilian
cifrex.org
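
An added example, not part of the original report or of httpd: a small Python heuristic for the review the report describes, listing every ap_rputs/ap_rvputs call that passes 'action' as a bare argument instead of through a wrapping call. The sample source is constructed from the two excerpts above, the names top_level_args and raw_outputs are hypothetical, and treating any wrapping call as an escaper is an assumption of this sketch.

```python
import re

# Constructed sample: the two form-emitting sites from the report, wrapped lines joined.
SAMPLE = r'''
if (wsel && bsel) {
    ap_rputs("<form method=\"POST\" enctype=\"application/x-www-form-urlencoded\" action=\"", r);
    ap_rvputs(r, ap_escape_uri(r->pool, action), "\">\n", NULL);
} else if (bsel) {
    ap_rputs("<form method='POST' enctype='application/x-www-form-urlencoded' action='", r);
    ap_rvputs(r, action, "'>\n", NULL);
}
'''

STRING = re.compile(r'"(?:\\.|[^"\\])*"')            # a C string literal
OUTPUT_CALL = re.compile(r'\b(ap_rputs|ap_rvputs)\s*\(')


def top_level_args(src, start):
    """Split the argument list that opens at src[start] == '(' on top-level commas."""
    args, cur, depth = [], [], 0
    for c in src[start:]:
        if c == '(':
            depth += 1
            if depth == 1:
                continue                             # skip the call's own opening paren
        elif c == ')':
            depth -= 1
            if depth == 0:
                break                                # end of this call
        if c == ',' and depth == 1:
            args.append(''.join(cur).strip())
            cur = []
        else:
            cur.append(c)
    args.append(''.join(cur).strip())
    return args


def raw_outputs(src, tainted='action'):
    """Return (line, call) for each output call given the tainted identifier bare.
    Heuristic only: string literals are blanked first, comments are not handled."""
    src = STRING.sub('""', src)                      # literals never contain newlines
    hits = []
    for m in OUTPUT_CALL.finditer(src):
        if tainted in top_level_args(src, m.end() - 1):
            hits.append((src.count('\n', 0, m.start()) + 1, m.group(1)))
    return hits
```

On the constructed sample only the call in the `else if (bsel)` branch is reported; the call that wraps 'action' in ap_escape_uri() is not.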
