[BUGFIX][SECURITY] XSS vulnerability in BE-User Admin module

Fix XSS at column 'workspace membership'. How to test: * choose a workspace title like "<b>test</b>" * assign a user as member to the workspace * select the BE-module "Admin Tools->User Admin" * select the checkbox "Workspace membership" * press update * take a look at column "Workspace membership" Change-Id: I29bb7d05a2740cc9c88eb67c224e942dfc9165dc Fixes: #32040 Releases: 4.7, 4.6, 4.5, 4.4 Reviewed-on: http://review.typo3.org/6878 Reviewed-by: Oliver Klee Reviewed-by: Georg Ringer Tested-by: Georg Ringer

[BUGFIX][SECURITY] XSS vulnerability in BE-User Admin module
Fix XSS at column 'workspace membership'. How to test: * choose a workspace title like "<b>test</b>" * assign a user as member to the workspace * select the BE-module "Admin Tools->User Admin" * select the checkbox "Workspace membership" * press update * take a look at column "Workspace membership" Change-Id: I29bb7d05a2740cc9c88eb67c224e942dfc9165dc Fixes: #32040 Releases: 4.7, 4.6, 4.5, 4.4 Reviewed-on: http://review.typo3.org/6878 Reviewed-by: Oliver Klee Reviewed-by: Georg Ringer Tested-by: Georg Ringer
eae75337 · Marco Bresch · Georg Ringer · df89db2a · eae75337
Commit eae75337 authored 13 years ago by Marco Bresch Committed by Georg Ringer 13 years ago
--- a/typo3/sysext/beuser/mod/index.php
+++ b/typo3/sysext/beuser/mod/index.php
@@ -1014,7 +1014,7 @@ class local_beUserAuth extends t3lib_beUserAuth {
 			if (count($workspaces))	{
 				foreach ($workspaces as $rec)	{
 					if ($this->checkWorkspace($rec))	{
-						$options[$rec['uid']] = $rec['uid'].': '.$rec['title'];
+						$options[$rec['uid']] = $rec['uid'].': '.htmlspecialchars($rec['title']);

 							// Check if all mount points are accessible, otherwise show error:
 						if (trim($rec['db_mountpoints'])!=='')	{