Merge pull request from GHSA-mj9p-v2r8-wf8w

* Update the changelog Signed-off-by: Jaime Pérez Crespo <jaime.perez@uninett.no> * Bump version Signed-off-by: Jaime Pérez Crespo <jaime.perez@uninett.no> * Fix for XSS in email class Signed-off-by: Jaime Pérez Crespo <jaime.perez@uninett.no> * Fix issue with reportId not being properly sanitized Signed-off-by: Jaime Pérez Crespo <jaime.perez@uninett.no>

Merge pull request from GHSA-mj9p-v2r8-wf8w
864f0392 · Jaime Pérez Crespo · GitHub · 752cccfb · 864f0392 · 864f0392
Unverified Commit 864f0392 authored 5 years ago by Jaime Pérez Crespo Committed by GitHub 5 years ago
--- a/lib/SimpleSAML/Utils/EMail.php
+++ b/lib/SimpleSAML/Utils/EMail.php
@@ -274,7 +274,7 @@ pre {
 </head>
 <body>
 <div class="container" style="background: #fafafa; border: 1px solid #eee; margin: 2em; padding: .6em;">
-' . $this->text . '
+' . htmlspecialchars($this->text) . '
 </div>
 </body>
 </html>';

--- a/www/errorreport.php
+++ b/www/errorreport.php
@@ -17,6 +17,10 @@ $reportId = $_REQUEST['reportId'];
 $email = $_REQUEST['email'];
 $text = $_REQUEST['text'];
+if (!preg_match('/^[0-9a-f]{8}$/', $reportId)) {
+    throw new \SimpleSAML\Error\Exception('Invalid reportID');
+}
 $data = null;
 try {
    $session = \SimpleSAML\Session::getSessionFromRequest();