Fixed an XSS vulnerability

2 years ago · 9d0cd0bda7
4 changed files with 6 additions and 3 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -11,6 +11,7 @@
 - Fixed a JavaScript error that occurred when closing a disclosure menu within Live Preview. ([#12992](https://github.com/craftcms/cms/issues/12992))
 - Fixed a bug where assets were getting relocated to the root volume folder when renamed. ([#12995](https://github.com/craftcms/cms/issues/12995))
 - Fixed a bug where it wasn’t possible to preview entries on another domain when the system was offline. ([#12979](https://github.com/craftcms/cms/issues/12979))
+- Fixed an XSS vulnerability.

 ## 3.8.5 - 2023-03-21

--- a/src/web/assets/quickpost/dist/QuickPostWidget.js
+++ b/src/web/assets/quickpost/dist/QuickPostWidget.js
@ -1,2 +1,2 @@
-!function(){var t;t=jQuery,Craft.QuickPostWidget=Garnish.Base.extend({params:null,initFields:null,formHtml:null,$widget:null,$form:null,$spinner:null,$errorList:null,loading:!1,init:function(i,r,e,n){this.params=r,this.initFields=e,this.formHtml=n,this.$widget=t("#widget"+i),this.initForm(this.$widget.find("form:first"))},initForm:function(t){this.$form=t,this.$spinner=this.$form.find(".spinner"),this.initFields();var i=this.$form.find("> .buttons > .btngroup > .menubtn"),r=i.data("menubtn").menu.$container.find("> ul > li > a");i.menubtn(),this.addListener(this.$form,"submit","handleFormSubmit"),this.addListener(r,"click","saveAndContinueEditing")},handleFormSubmit:function(t){t.preventDefault(),this.save(this.onSave.bind(this))},saveAndContinueEditing:function(){this.save(this.gotoEntry.bind(this))},save:function(i){var r=this;if(!this.loading){this.loading=!0,this.$spinner.removeClass("hidden");var e=Garnish.getPostData(this.$form),n=t.extend({enabled:1},e,this.params);Craft.postActionRequest("entries/save-entry",n,(function(e,n){if(r.loading=!1,r.$spinner.addClass("hidden"),r.$errorList&&r.$errorList.children().remove(),"success"===n)if(e.success)Craft.cp.displayNotice(Craft.t("app","Entry saved.")),i(e);else if(Craft.cp.displayError(Craft.t("app","Couldn’t save entry.")),e.errors)for(var s in r.$errorList||(r.$errorList=t('<ul class="errors"/>').insertAfter(r.$form)),e.errors)if(e.errors.hasOwnProperty(s))for(var a=0;a<e.errors[s].length;a++){var o=e.errors[s][a];t("<li>"+o+"</li>").appendTo(r.$errorList)}}))}},onSave:function(i){var r=t(this.formHtml);if(this.$form.replaceWith(r),Craft.initUiElements(r),this.initForm(r),void 0!==Craft.RecentEntriesWidget)for(var e=0;e<Craft.RecentEntriesWidget.instances.length;e++){var n=Craft.RecentEntriesWidget.instances[e];n.params.sectionId&&n.params.sectionId!=this.params.sectionId||n.addEntry({url:i.cpEditUrl,title:i.title,dateCreated:i.dateCreated,username:i.authorUsername})}},gotoEntry:function(t){Craft.redirectTo(t.cpEditUrl)}})}();
+!function(){var t;t=jQuery,Craft.QuickPostWidget=Garnish.Base.extend({params:null,initFields:null,formHtml:null,$widget:null,$form:null,$spinner:null,$errorList:null,loading:!1,init:function(i,r,e,n){this.params=r,this.initFields=e,this.formHtml=n,this.$widget=t("#widget"+i),this.initForm(this.$widget.find("form:first"))},initForm:function(t){this.$form=t,this.$spinner=this.$form.find(".spinner"),this.initFields();var i=this.$form.find("> .buttons > .btngroup > .menubtn"),r=i.data("menubtn").menu.$container.find("> ul > li > a");i.menubtn(),this.addListener(this.$form,"submit","handleFormSubmit"),this.addListener(r,"click","saveAndContinueEditing")},handleFormSubmit:function(t){t.preventDefault(),this.save(this.onSave.bind(this))},saveAndContinueEditing:function(){this.save(this.gotoEntry.bind(this))},save:function(i){var r=this;if(!this.loading){this.loading=!0,this.$spinner.removeClass("hidden");var e=Garnish.getPostData(this.$form),n=t.extend({enabled:1},e,this.params);Craft.postActionRequest("entries/save-entry",n,(function(e,n){if(r.loading=!1,r.$spinner.addClass("hidden"),r.$errorList&&r.$errorList.children().remove(),"success"===n)if(e.success)Craft.cp.displayNotice(Craft.t("app","Entry saved.")),i(e);else if(Craft.cp.displayError(Craft.t("app","Couldn’t save entry.")),e.errors)for(var s in r.$errorList||(r.$errorList=t('<ul class="errors"/>').insertAfter(r.$form)),e.errors)if(e.errors.hasOwnProperty(s))for(var a=0;a<e.errors[s].length;a++){var o=e.errors[s][a];t("<li/>",{text:o}).appendTo(r.$errorList)}}))}},onSave:function(i){var r=t(this.formHtml);if(this.$form.replaceWith(r),Craft.initUiElements(r),this.initForm(r),void 0!==Craft.RecentEntriesWidget)for(var e=0;e<Craft.RecentEntriesWidget.instances.length;e++){var n=Craft.RecentEntriesWidget.instances[e];n.params.sectionId&&n.params.sectionId!=this.params.sectionId||n.addEntry({url:i.cpEditUrl,title:i.title,dateCreated:i.dateCreated,username:i.authorUsername})}},gotoEntry:function(t){Craft.redirectTo(t.cpEditUrl)}})}();
 //# sourceMappingURL=QuickPostWidget.js.map
--- a/src/web/assets/quickpost/dist/QuickPostWidget.js.map
+++ b/src/web/assets/quickpost/dist/QuickPostWidget.js.map
--- a/src/web/assets/quickpost/src/QuickPostWidget.js
+++ b/src/web/assets/quickpost/src/QuickPostWidget.js
@ -94,7 +94,9 @@

                  for (var i = 0; i < response.errors[attribute].length; i++) {
                    var error = response.errors[attribute][i];
-                    $('<li>' + error + '</li>').appendTo(this.$errorList);
+                    $('<li/>', {
+                      text: error,
+                    }).appendTo(this.$errorList);
                  }
                }
              }