From: =?utf-8?q?Bastien_Roucari=C3=A8s?= <rouca@debian.org>
Date: Thu, 10 Apr 2025 23:41:07 +0200
Subject: CVE-2024-6485
Sanitize data[state], thus avoiding XSS
origin: backport, https://github.com/entreprise7pro/bootstrap/commit/769c032fd93d6f2c07599e096a736c5d09c041cf
bug-debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084060
bug: https://www.herodevs.com/vulnerability-directory/cve-2024-6485
---
js/button.js | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/js/button.js b/js/button.js
index ff4af20..6569240 100644
--- a/js/button.js
+++ b/js/button.js
@@ -25,6 +25,15 @@
loadingText: 'loading...'
}
+ Button.prototype.sanitize = function (unsafeText) {
+ return unsafeText
+ .replace(/&/g, '&')
+ .replace(/</g, '<')
+ .replace(/>/g, '>')
+ .replace(/"/g, '"')
+ .replace(/'/g, ''');
+ }
+
Button.prototype.setState = function (state) {
var d = 'disabled'
var $el = this.$element
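Review bot: As rendered on this page every replacement in `sanitize` maps a character to itself (`.replace(/&/g, '&')`, `.replace(/</g, '<')`, …), which would make the function a no-op; this looks like the page's HTML rendering decoding the entities, so the patch as applied in the package should be checked to actually contain the escaped forms (`'&amp;'`, `'&lt;'`, `'&gt;'`, `'&quot;'` and a numeric entity for the apostrophe), since a decoded copy would silently leave the CVE-2024-6485 fix ineffective. The function also assumes its argument is a string: if `data[state]` can be a number or boolean (jQuery's `.data()` coerces attribute values that look like numbers or booleans, if that is where `data` is populated — its assignment is outside the hunk), `.replace` will throw inside the setTimeout callback; `return String(unsafeText)` on the first line would cover that. A short header comment such as `// Escape HTML metacharacters so data-* text is never inserted as markup` would document the intent.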
@@ -37,7 +46,7 @@
// push to event loop to allow forms to submit
setTimeout($.proxy(function () {
- $el[val](data[state] == null ? this.options[state] : data[state])
+ $el[val](data[state] == null ? this.options[state] : this.sanitize(data[state]))
if (state == 'loadingText') {
this.isLoading = true
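Review bot: The escaping on the changed line is applied regardless of which sink `$el[val]` resolves to; `val` is assigned outside the hunk, and if it can be `'val'` (a form input whose text is set through `.val()` rather than `.html()`), the value shown to the user will contain literal `&lt;`/`&amp;` sequences, because `.val()` never interprets markup. Restricting the escaping to the HTML sink — e.g. `var text = data[state] == null ? this.options[state] : data[state]` followed by `$el[val](val == 'html' ? this.sanitize(text) : text)` — keeps the XSS fix where it matters without corrupting input values. `this.options[state]` is deliberately left unescaped; a comment stating that option values are trusted JS configuration whereas `data-*` attributes are taken from the markup would record that decision. setState's body continues outside the hunk.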