From 6fb6211c56cd0ef54a109ff8e10634b4e7bda269 Mon Sep 17 00:00:00 2001
From: Nathan van der Werf <nvanderwerf93@gmail.com>
Date: Thu, 15 Nov 2018 22:05:44 +0100
Subject: [PATCH] Escape output to prevent XSS injections (#3924)

Credit to @nathan-van-der-werf
---
 .../backend/behaviors/reordercontroller/partials/_records.htm   | 2 +-
 modules/backend/widgets/search/partials/_search.htm             | 2 +-
 modules/system/controllers/maillayouts/update.htm               | 2 +-
 modules/system/controllers/mailpartials/update.htm              | 2 +-
 modules/system/controllers/mailtemplates/update.htm             | 2 +-
 modules/system/controllers/requestlogs/_referer_field.htm       | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/modules/backend/behaviors/reordercontroller/partials/_records.htm b/modules/backend/behaviors/reordercontroller/partials/_records.htm
index dc46b2019..774461e96 100644
--- a/modules/backend/behaviors/reordercontroller/partials/_records.htm
+++ b/modules/backend/behaviors/reordercontroller/partials/_records.htm
@@ -7,7 +7,7 @@
     >
         <div class="record">
             <a href="javascript:;" class="move"></a>
-            <span><?= $this->reorderGetRecordName($record) ?></span>
+            <span><?= e($this->reorderGetRecordName($record)) ?></span>
             <input name="record_ids[]" type="hidden" value="<?= $record->getKey() ?>" />
         </div>
 
diff --git a/modules/backend/widgets/search/partials/_search.htm b/modules/backend/widgets/search/partials/_search.htm
index 92d4bc922..639f2abd4 100644
--- a/modules/backend/widgets/search/partials/_search.htm
+++ b/modules/backend/widgets/search/partials/_search.htm
@@ -3,7 +3,7 @@
         placeholder="<?= $placeholder ?>"
         type="text"
         name="<?= $this->getName() ?>"
-        value="<?= $value ?>"
+        value="<?= e($value) ?>"
         data-request="<?= $this->getEventHandler('onSubmit') ?>"
         <?= !$searchOnEnter ? 'data-track-input' : '' ?>
         data-load-indicator
diff --git a/modules/system/controllers/maillayouts/update.htm b/modules/system/controllers/maillayouts/update.htm
index 5a403ca0c..a0fba89c2 100644
--- a/modules/system/controllers/maillayouts/update.htm
+++ b/modules/system/controllers/maillayouts/update.htm
@@ -14,7 +14,7 @@
                 <div data-control="toolbar">
                     <div class="scoreboard-item title-value">
                         <h4><?= e(trans('system::lang.mail_templates.layout')) ?></h4>
-                        <p><?= $formModel->code ?></p>
+                        <p><?= e($formModel->code) ?></p>
                     </div>
                 </div>
             </div>
diff --git a/modules/system/controllers/mailpartials/update.htm b/modules/system/controllers/mailpartials/update.htm
index 1ef02a952..e33161eb7 100644
--- a/modules/system/controllers/mailpartials/update.htm
+++ b/modules/system/controllers/mailpartials/update.htm
@@ -14,7 +14,7 @@
                 <div data-control="toolbar">
                     <div class="scoreboard-item title-value">
                         <h4><?= e(trans('system::lang.mail_templates.partial')) ?></h4>
-                        <p><?= $formModel->code ?></p>
+                        <p><?= e($formModel->code) ?></p>
                     </div>
                 </div>
             </div>
diff --git a/modules/system/controllers/mailtemplates/update.htm b/modules/system/controllers/mailtemplates/update.htm
index 37088bf13..77b18c626 100644
--- a/modules/system/controllers/mailtemplates/update.htm
+++ b/modules/system/controllers/mailtemplates/update.htm
@@ -14,7 +14,7 @@
                 <div data-control="toolbar">
                     <div class="scoreboard-item title-value">
                         <h4><?= e(trans('system::lang.mail_templates.template')) ?></h4>
-                        <p><?= $formModel->code ?></p>
+                        <p><?= e($formModel->code) ?></p>
                     </div>
                 </div>
             </div>
diff --git a/modules/system/controllers/requestlogs/_referer_field.htm b/modules/system/controllers/requestlogs/_referer_field.htm
index 246498e2b..fa4e993a5 100644
--- a/modules/system/controllers/requestlogs/_referer_field.htm
+++ b/modules/system/controllers/requestlogs/_referer_field.htm
@@ -2,7 +2,7 @@
     <div class="form-control control-simplelist with-icons">
         <ul>
             <?php foreach ((array) $formModel->referer as $referer): ?>
-                <li class="oc-icon-file-o"><?= $referer ?></li>
+                <li class="oc-icon-file-o"><?= e($referer) ?></li>
             <?php endforeach ?>
         </ul>
     </div>