summaryrefslogtreecommitdiffstats
path: root/Bugzilla
diff options
context:
space:
mode:
authorFrédéric Buclin <LpSolit@gmail.com>2013-02-19 18:27:50 +0100
committerFrédéric Buclin <LpSolit@gmail.com>2013-02-19 18:27:50 +0100
commitf8aa20925c5b7cc83fa1936a23ed970efba80984 (patch)
tree7da28365cf2dc0231d4a3213fce8700a9f3f83f3 /Bugzilla
parent0bd4c361b4a5fe0e0773e77571a84234b8f91f76 (diff)
downloadbugzilla-f8aa20925c5b7cc83fa1936a23ed970efba80984.tar.gz
bugzilla-f8aa20925c5b7cc83fa1936a23ed970efba80984.tar.xz
Bug 842038: (CVE-2013-0785) [SECURITY] XSS in show_bug.cgi when using an invalid page format
r=glob a=LpSolit
Diffstat (limited to 'Bugzilla')
-rw-r--r--Bugzilla/Template.pm1
1 files changed, 1 insertions, 0 deletions
diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm
index 663d85957..cd7507963 100644
--- a/Bugzilla/Template.pm
+++ b/Bugzilla/Template.pm
@@ -140,6 +140,7 @@ sub get_format {
return
{
'template' => $template,
+ 'format' => $format,
'extension' => $ctype,
'ctype' => Bugzilla::Constants::contenttypes->{$ctype}
};