From 7c157c5be898ef49017f7e781778bc045abac91a Mon Sep 17 00:00:00 2001
From: Oliver Hader <oliver.hader@typo3.org>
Date: Tue, 23 Feb 2010 10:04:00 +0000
Subject: [PATCH] Fixed bug #13042: XSS in index.php

git-svn-id: https://svn.typo3.org/TYPO3v4/Core/trunk@6984 709f56b5-9817-0410-a4d7-c38de5d9e867
---
 ChangeLog | 1 +
 index.php | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index a1b1463ea040..40a5de9aa3c2 100755
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,7 @@
 
 	* Fixed bug #13372: saltedpasswords - Authentication Bypass in frontend user authentication (thanks to Marcus Krause & Dmitry Dulepov)
 	* Fixed bug #13394: Information disclosure in sysext:sys_actions (thanks to Georg Ringer)
+	* Fixed bug #13042: XSS in index.php (thanks to Georg Ringer)
 
 2010-02-22  Benjamin Mack  <benni@typo3.org>
 
diff --git a/index.php b/index.php
index be634e559e65..84195f5d0520 100644
--- a/index.php
+++ b/index.php
@@ -70,7 +70,7 @@ if (@is_dir(PATH_site.'typo3/sysext/cms/tslib/')) {
 }
 
 if (PATH_tslib=='') {
-	die('Cannot find tslib/. Please set path by defining $configured_tslib_path in '.basename(PATH_thisScript).'.');
+	die('Cannot find tslib/. Please set path by defining $configured_tslib_path in ' . htmlspecialchars(basename(PATH_thisScript)) . '.');
 }
 
 // ******************
-- 
GitLab