CC-4897: XSS exploit on library page

2013-02-04 12:44:14 -05:00 · 2013-02-04 12:44:14 -05:00 · b45f71e8f9
parent 20a3f674b4
commit b45f71e8f9
2 changed files with 2 additions and 1 deletions
--- a/airtime_mvc/application/models/StoredFile.php
+++ b/airtime_mvc/application/models/StoredFile.php
@ -269,7 +269,7 @@ class Application_Model_StoredFile
        $md = array();
        foreach ($this->_dbMD as $dbColumn => $propelColumn) {
            $method = "get$propelColumn";
-            $md[$dbColumn] = htmlspecialchars($this->_file->$method());
+            $md[$dbColumn] = $this->_file->$method();
        }

        return $md;
--- a/airtime_mvc/application/views/scripts/playlist/update.phtml
+++ b/airtime_mvc/application/views/scripts/playlist/update.phtml
@ -8,6 +8,7 @@ if ($item['type'] == 2) {
    $bl= new Application_Model_Block($item['item_id']);
    $staticBlock = $bl->isStatic();
 }
+$item["track_title"] = $this->escape($item["track_title"]);
 ?>
    <li class="ui-state-default" id="spl_<?php echo $item["id"] ?>" unqid="<?php echo $item["id"]; ?>">
        <div class="list-item-container">