Raised by https://www.xssposed.org/incidents/69566/ Need to escape the user provided query before displaying it back I pushed immediately as this was made public, Daniel diff --git a/docs/search.php.code.in b/docs/search.php.code.in index df25cd6..84f8759 100644 --- a/docs/search.php.code.in +++ b/docs/search.php.code.in @@ -13,7 +13,7 @@ <form action="<?php echo $_SERVER['PHP_SELF'], "?query=", rawurlencode($query) ?>" enctype="application/x-www-form-urlencoded" method="get"> - <input name="query" type="text" size="50" value="<?php echo $query?>"/> + <input name="query" type="text" size="50" value="<?php echo htmlspecialchars($query, ENT_QUOTES, 'UTF-8')?>"/> <select name="scope"> <option value="any">Search All</option> <option value="API" <?php if ($scope == 'API') print "selected='selected'"?>>Only the APIs</option> -- Daniel Veillard | Open Source and Standards, Red Hat veillard@xxxxxxxxxx | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list