From f810416ffdec2911166c352b93b3b73d7a679d93 Mon Sep 17 00:00:00 2001
From: dmjohnsson23
Date: Tue, 21 May 2024 13:47:10 -0600
Subject: [PATCH 1/2] Fix username bug on groups.php

If a username has a special character (such as a period, which is common in usernames), it is not possible to edit a group containing that user. This patch fixes that. Now, the username can safely contain anything but a double quote. For true safety, it may also be beneficial to backslash-escape any double quotes as well, but I don't think that should be strictly required as usernames probably shouldn't contain double quotes anyway, and I don't think the bug is exploitable for XSS in this particular context either.
---
 groups.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/groups.php b/groups.php
index a480fabfd..cb731149e 100644
--- a/groups.php
+++ b/groups.php
@@ -266,7 +266,7 @@ function edit_group(id) {
 $('#editName').prop("value", group['name']);
 for (var i = 0; i < cnt; i++) {
 console.log('Selected user: ' + selectedUsers[i]);
- $('#editUsers option[value=' + selectedUsers[i] + ']').attr('selected',true).change();
+ $('#editUsers option[value="' + selectedUsers[i] + '"]').attr('selected',true).change();
 }
 }

From 5144e03e27d4c0eefb6b2fdef42f9cc8e52a6e74 Mon Sep 17 00:00:00 2001
From: RousselAaron <60214405+RousselAaron@users.noreply.github.com>
Date: Mon, 27 May 2024 11:22:31 +0200
Subject: [PATCH 2/2] Update user_mgmt.php

fix a security error when the user accesses settings -> preferences -> my profile and when editing his profile, he can set himself as administrator
---
 user_mgmt.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/user_mgmt.php b/user_mgmt.php
index 0be470b41..9d01467d3 100644
--- a/user_mgmt.php
+++ b/user_mgmt.php
@@ -123,10 +123,12 @@
+
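Review bot: The quoted selector on the added line in groups.php still breaks for a username containing a double quote or a backslash: the string is concatenated straight into a jQuery attribute selector, so such a value yields a malformed selector that jQuery rejects with a syntax error, aborting the for loop and leaving every later entry of selectedUsers unselected, and selector metacharacters in the value can also change which options match. Comparing option values directly avoids any escaping question, e.g. `$('#editUsers option').filter(function () { return this.value === selectedUsers[i]; }).prop('selected', true).change();`. While here, `.prop('selected', true)` is the call that reflects live form state (`.attr` only sets the markup attribute), and the `console.log` of each username on the preceding context line is debug output that should not ship. The enclosing edit_group function starts before this hunk.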
+