velocity-tools/CVE-2020-13959.patch

From e141828a4eb03e4b0224535eed12b5c463a24152 Mon Sep 17 00:00:00 2001
From: Jackson Henry <54763344+JHHAX@users.noreply.github.com>
Date: Thu, 8 Oct 2020 14:18:25 +1100
Subject: [PATCH] Fixed Reflected XSS Vuln

Velocity Tools has an automatically generated error page, which echoes back the file name unescaped. This commit sanitizes user input and fixes the XSS Vulnerability!

Updated XSS Vuln fix (used StringEscapeUtils)
---
 .../org/apache/velocity/tools/view/VelocityViewServlet.java     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/org/apache/velocity/tools/view/VelocityViewServlet.java b/src/main/java/org/apache/velocity/tools/view/VelocityViewServlet.java
index aff9b71d7..325ab0bba 100644
--- a/src/main/java/org/apache/velocity/tools/view/VelocityViewServlet.java
+++ b/src/main/java/org/apache/velocity/tools/view/VelocityViewServlet.java
@@ -460,7 +460,7 @@ protected void error(HttpServletRequest request,
             html.append("<head><title>Error</title></head>\n");
             html.append("<body>\n");
             html.append("<h2>VelocityView : Error processing a template for path '");
-            html.append(path);
+            html.append(StringEscapeUtils.escapeHtml(path));
             html.append("'</h2>\n");
 
             Throwable cause = e;
fix CVE-2020-13959 (cherry picked from commit f19649e16621465c788d8648aad250464ee1764c) 2021-03-20 10:15:12 +08:00			`From e141828a4eb03e4b0224535eed12b5c463a24152 Mon Sep 17 00:00:00 2001`
			`From: Jackson Henry <54763344+JHHAX@users.noreply.github.com>`
			`Date: Thu, 8 Oct 2020 14:18:25 +1100`
			`Subject: [PATCH] Fixed Reflected XSS Vuln`

			`Velocity Tools has an automatically generated error page, which echoes back the file name unescaped. This commit sanitizes user input and fixes the XSS Vulnerability!`

			`Updated XSS Vuln fix (used StringEscapeUtils)`
			`---`
			`.../org/apache/velocity/tools/view/VelocityViewServlet.java \| 2 +-`
			`1 file changed, 1 insertion(+), 1 deletion(-)`

			`diff --git a/src/main/java/org/apache/velocity/tools/view/VelocityViewServlet.java b/src/main/java/org/apache/velocity/tools/view/VelocityViewServlet.java`
			`index aff9b71d7..325ab0bba 100644`
			`--- a/src/main/java/org/apache/velocity/tools/view/VelocityViewServlet.java`
			`+++ b/src/main/java/org/apache/velocity/tools/view/VelocityViewServlet.java`
			`@@ -460,7 +460,7 @@ protected void error(HttpServletRequest request,`
			`html.append("<head><title>Error</title></head>\n");`
			`html.append("<body>\n");`
			`html.append("<h2>VelocityView : Error processing a template for path '");`
			`- html.append(path);`
			`+ html.append(StringEscapeUtils.escapeHtml(path));`
			`html.append("'</h2>\n");`

			`Throwable cause = e;`