Fixed security vulnerabilities. JM-1506

git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@10936 b35dd754-fafc-0310-a699-88a17e54d16e

src/web/group-summary.jsp

@@ -46,6 +46,8 @@
             && !request.getParameter("search").trim().equals(""))
     {
         search = request.getParameter("search");
+        // Santize variables to prevent vulnerabilities
+        search = StringUtils.escapeHTMLTags(search);
         // Use the search terms to get the list of groups and group count.
         groups = webManager.getGroupManager().search(search, start, range);
         // Get the count as a search for *all* groups. That will let us do pagination even

src/web/log.jsp

@@ -87,6 +87,9 @@
         numLinesParam = "50";
     }
 
+    // Santize variables to prevent vulnerabilities
+    log = StringUtils.escapeHTMLTags(log);
+
     // Other vars
     File logDir = new File(Log.getLogDirectory());
     String filename = log + ".log";

src/web/logviewer.jsp

@@ -130,6 +130,11 @@
         return;
     }
 
+    // Santize variables to prevent vulnerabilities
+    if (log != null) {
+        log = StringUtils.escapeHTMLTags(log);
+    }
+
     debugEnabled = Log.isDebugEnabled();
     User pageUser = admin.getUser();
 

src/web/user-properties.jsp

@@ -23,6 +23,7 @@
 <%@ page import="org.xmpp.packet.JID"%><%@ page import="org.xmpp.packet.Presence"%>
 <%@ page import="java.net.URLEncoder" %>
 <%@ page import="java.util.Collection" %>
+<%@ page import="org.jivesoftware.util.StringUtils" %>
 
 <%@ taglib uri="http://java.sun.com/jstl/core_rt" prefix="c" %>
 <%@ taglib uri="http://java.sun.com/jstl/fmt_rt" prefix="fmt" %>
@@ -146,7 +147,7 @@
         <tr>
         <td class="jive-icon-label">
             <fmt:message key="error.specific_user_not_found">
-                <fmt:param value="<%= username%>" />
+                <fmt:param value="<%= StringUtils.escapeHTMLTags(username)%>" />
             </fmt:message>
         </td></tr>
     </tbody>