From 4484129a41401cbace507a6008874b92bce4cbbd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= <anarcat@debian.org>
Date: Wed, 31 Oct 2018 14:03:34 -0400
Subject: [PATCH] Fix multiple XSS in file htdocs/entry_chooser.php
 (CVE-2017-11107)

Closes: #50

From: Ismail Belkacim <xd4rker@gmail.com>
---
 htdocs/entry_chooser.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/htdocs/entry_chooser.php b/htdocs/entry_chooser.php
index 16a4eb6..e2d7bf5 100644
--- a/htdocs/entry_chooser.php
+++ b/htdocs/entry_chooser.php
@@ -15,9 +15,9 @@ $www['page'] = new page();
 
 $request = array();
 $request['container'] = get_request('container','GET');
-$request['form'] = get_request('form','GET');
-$request['element'] = get_request('element','GET');
-$request['rdn'] = get_request('rdn','GET');
+$request['form'] = htmlspecialchars(addslashes(get_request('form','GET')));
+$request['element'] = htmlspecialchars(addslashes(get_request('element','GET')));
+$request['rdn'] = htmlspecialchars(addslashes(get_request('rdn','GET')));
 
 echo '<div class="popup">';
 printf('<h3 class="subtitle">%s</h3>',_('Entry Chooser'));
@@ -33,7 +33,7 @@ echo '</script>';
 echo '<table class="forminput" width="100%" border="0">';
 if ($request['container']) {
 	printf('<tr><td class="heading" colspan="3">%s:</td><td>%s</td></tr>',_('Server'),$app['server']->getName());
-	printf('<tr><td class="heading" colspan="3">%s:</td><td>%s</td></tr>',_('Looking in'),$request['container']);
+	printf('<tr><td class="heading" colspan="3">%s:</td><td>%s</td></tr>',_('Looking in'),htmlspecialchars($request['container']));
 	echo '<tr><td class="blank" colspan="4">&nbsp;</td></tr>';
 }