Html encode nodenames to prevent XSS attacks. Fixes U4-10497 XSS Vulnerability in page name.

nul800sebastiaan · nul800sebastiaan · commit fe2b86b68145 · 2017-10-06T14:38:21.000+02:00
diff --git a/src/Umbraco.Web.UI/umbraco/dialogs/Publish.aspx.cs b/src/Umbraco.Web.UI/umbraco/dialogs/Publish.aspx.cs
@@ -30,7 +30,7 @@ protected override void OnInit(EventArgs e)
             }
 
             DocumentId = doc.Id;
-            PageName = doc.Name;
+            PageName = Server.HtmlEncode(doc.Name);
             DocumentPath = doc.Path;
 
         }
diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/dialogs/notifications.aspx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/dialogs/notifications.aspx.cs
@@ -27,7 +27,7 @@ public notifications()
         protected void Page_Load(object sender, EventArgs e)
         {
             Button1.Text = ui.Text("update");
-            pane_form.Text = ui.Text("notifications", "editNotifications", node.Text, base.getUser());
+            pane_form.Text = ui.Text("notifications", "editNotifications", Server.HtmlEncode(node.Text), base.getUser());
         }
 
         #region Web Form Designer generated code

Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,7 @@ protected override void OnInit(EventArgs e)`
`30`	`30`	`}`
`31`	`31`
`32`	`32`	`DocumentId = doc.Id;`
`33`		`- PageName = doc.Name;`
	`33`	`+ PageName = Server.HtmlEncode(doc.Name);`
`34`	`34`	`DocumentPath = doc.Path;`
`35`	`35`
`36`	`36`	`}`
Original file line number	Diff line number	Diff line change
`@@ -27,7 +27,7 @@ public notifications()`
`27`	`27`	`protected void Page_Load(object sender, EventArgs e)`
`28`	`28`	`{`
`29`	`29`	`Button1.Text = ui.Text("update");`
`30`		`- pane_form.Text = ui.Text("notifications", "editNotifications", node.Text, base.getUser());`
	`30`	`+ pane_form.Text = ui.Text("notifications", "editNotifications", Server.HtmlEncode(node.Text), base.getUser());`
`31`	`31`	`}`
`32`	`32`
`33`	`33`	`#region Web Form Designer generated code`