Bug 842038: (CVE-2013-0785) [SECURITY] XSS in show_bug.cgi when using an invalid page format

r=glob a=LpSolit
author: Frédéric Buclin <LpSolit@gmail.com> 2013-02-19 18:24:20 +0100
committer: Frédéric Buclin <LpSolit@gmail.com> 2013-02-19 18:24:20 +0100
commit: 564fb6842b0d0be49a58e1ed30a94b8f0a2c511e (patch)
tree: 7c948449a19374c1e489e6fb71ea2d530afe9029 /template/en/default/global
parent: e2c8da0dfc534ffca6232cc7d370299d5d446604 (diff)
download: bugzilla-564fb6842b0d0be49a58e1ed30a94b8f0a2c511e.tar.gz
bugzilla-564fb6842b0d0be49a58e1ed30a94b8f0a2c511e.tar.xz
1 files changed, 4 insertions, 1 deletions
diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl
index c9448a503..6d03eaa4b 100644
--- a/template/en/default/global/user-error.html.tmpl
+++ b/template/en/default/global/user-error.html.tmpl
@@ -741,7 +741,10 @@
     [% title = "Format Not Found" %]
     The requested format <em>[% format FILTER html %]</em> does not exist with
     a content type of <em>[% ctype FILTER html %]</em>.
-    
+    [% IF invalid %]
+      Both parameters must contain letters and hyphens only.
+    [% END %]
+
   [% ELSIF error == "flag_type_sortkey_invalid" %]
     [% title = "Flag Type Sort Key Invalid" %]
     The sort key <em>[% sortkey FILTER html %]</em> must be an integer
author	Frédéric Buclin <LpSolit@gmail.com>	2013-02-19 18:24:20 +0100
committer	Frédéric Buclin <LpSolit@gmail.com>	2013-02-19 18:24:20 +0100
commit	564fb6842b0d0be49a58e1ed30a94b8f0a2c511e (patch)
tree	7c948449a19374c1e489e6fb71ea2d530afe9029 /template/en/default/global
parent	e2c8da0dfc534ffca6232cc7d370299d5d446604 (diff)
download	bugzilla-564fb6842b0d0be49a58e1ed30a94b8f0a2c511e.tar.gz bugzilla-564fb6842b0d0be49a58e1ed30a94b8f0a2c511e.tar.xz