output is not run through check_plain() [#747578]

So this security problem #747222: Menu access to admin/user/user_terms is for all made me think to check the other obvious common security mistake, use of check_plain...

And it turns out that the group title, which is text entered by an admin, is not run through it.

Ouch!

Comment	File	Size	Author
#1	747578.user_terms.check_plain.patch	1.24 KB	joachim

Comments

joachim commented 19 March 2010 at 22:23

Title:	group title is not run through check_plain()	» output is not run through check_plain()
Status:	Active	» Fixed

Status	File	Size
new	747578.user_terms.check_plain.patch	1.24 KB

Turns out it's the term names too!

Committed this patch. Releasing a new beta afterwards.

#747578 by joachim: Fixed output not run through check_plain().

2 April 2010 at 22:30

Status:

Fixed

» Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.