# Blosxom
# Author: Rael Dornfest (2002-2003), The Blosxom Development Team (2005-2008)
-# Version: 2.1.1 ($Id: blosxom.cgi,v 1.83 2008/07/30 22:27:02 xtaran Exp $)
+# Version: 2.1.2 ($Id: blosxom.cgi,v 1.86 2008/11/11 10:37:16 alfie Exp $)
# Home/Docs/Licensing: http://blosxom.sourceforge.net/
# Development/Downloads: http://sourceforge.net/projects/blosxom
use Time::Local;
use CGI qw/:standard :netscape/;
-$version = "2.1.1";
+$version = "2.1.2";
# Load configuration from $ENV{BLOSXOM_CONFIG_DIR}/blosxom.conf, if it exists
my $blosxom_config;
}
$flavour ||= $default_flavour;
+# Fix XSS in flavour name (CVE-2008-2236)
+$flavour = blosxom_html_escape($flavour);
+
+sub blosxom_html_escape {
+ my $string = shift;
+ my %escape = (
+ '<' => '<',
+ '>' => '>',
+ '&' => '&',
+ '"' => '"',
+ "'" => '''
+ );
+ my $escape_re = join '|' => keys %escape;
+ $string =~ s/($escape_re)/$escape{$1}/g;
+ $string;
+}
+
# Global variable to be used in head/foot.{flavour} templates
$path_info = '';
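Review bot: As rendered here every value in `%escape` (L20-26) is identical to its key — `'<' => '<'`, `'&' => '&'` — and the final entry `"'" => '''` does not even parse, so `blosxom_html_escape` would be a no-op and the CVE-2008-2236 fix would not escape anything; this is almost certainly the page showing entity references as their literal characters, but the committed file should be confirmed to map `<`, `>`, `&`, `"` and `'` to `&lt;`, `&gt;`, `&amp;`, `&quot;` and `&#39;`. The removed lines in the later hunk (L37-49) carried the same table, and the replacement calls at L50-54 now depend entirely on this one function, so a wrong table breaks both the flavour fix and the RSS escaping at once. Independently, `$escape_re` is joined from raw keys; none of these five are regex metacharacters, but `my $escape_re = join '|' => map { quotemeta } keys %escape;` (or a plain `[<>&"']` class) keeps that from silently breaking if the table grows. Escaping `$flavour` neutralises the reflected HTML, but if the value is also used to build template file names — as the rest of blosxom appears to, outside this hunk — an allowlist check such as `$flavour =~ /\A[\w-]+\z/ or $flavour = $default_flavour;` before the escape would be the stronger guard. The bare `$string;` at the end should be an explicit `return $string;`.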
# Add all @path_info elements to $path_info till we come to one that could be a year
$fn =~ s($url_escape_re)(sprintf('%%%02X', ord($&)))eg;
# Escape <, >, and &, and to produce valid RSS
- my %escape = (
- '<' => '<',
- '>' => '>',
- '&' => '&',
- '"' => '"',
- "'" => '''
- );
- my $escape_re = join '|' => keys %escape;
- $title =~ s/($escape_re)/$escape{$1}/g;
- $body =~ s/($escape_re)/$escape{$1}/g;
- $url =~ s/($escape_re)/$escape{$1}/g;
- $path =~ s/($escape_re)/$escape{$1}/g;
- $fn =~ s/($escape_re)/$escape{$1}/g;
+ $title = blosxom_html_escape($title);
+ $body = blosxom_html_escape($body);
+ $url = blosxom_html_escape($url);
+ $path = blosxom_html_escape($path);
+ $fn = blosxom_html_escape($fn);
}
$story = &$interpolate($story);