Fix part 1 for XSS issue... call page like this:

  src/compose.php?mailbox="><script>alert('Nuts!');</script>

Because this file is included in other pages, it could affect others too.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@6911 7612ce4b-ef26-0410-bec9-ea0150e637f0

diff --git a/functions/page_header.php b/functions/page_header.php
index 180968da57f6f085da35b9da29d559b8deac383d..0228eebaeaad43af77be2a932f006cde2a365fc0 100644 (file)
--- a/functions/page_header.php
+++ b/functions/page_header.php
@@ -277,8 +277,8 @@ function displayPageHeader($color, $mailbox, $xtra='', $session=false) {
 
     echo "<body text=\"$color[8]\" bgcolor=\"$color[4]\" link=\"$color[7]\" vlink=\"$color[7]\" alink=\"$color[7]\" $onload>\n\n";
     /** Here is the header and wrapping table **/
-    $shortBoxName = imap_utf7_decode_local(
-                     readShortMailboxName($mailbox, $delimiter));
+    $shortBoxName = htmlspecialchars(imap_utf7_decode_local(
+                     readShortMailboxName($mailbox, $delimiter)));
     if ( $shortBoxName == 'INBOX' ) {
         $shortBoxName = _("INBOX");
     }