- sa-2006-002: XSS issues with username

includes/common.inc

@@ -945,7 +945,7 @@ function format_name($object) {
       $name = $object->name;
     }
 
-    $output = l($name, 'user/'. $object->uid, array('title' => t('View user profile.')));
+    $output = l(check_plain($name), 'user/'. $object->uid, array('title' => t('View user profile.')));
   }
   else if ($object->name) {
     // Sometimes modules display content composed by people who are
@@ -953,10 +953,10 @@ function format_name($object) {
     // aggregator modules). This clause enables modules to display
     // the true author of the content.
     if ($object->homepage) {
-      $output = '<a href="'. $object->homepage .'">'. $object->name .'</a>';
+      $output = '<a href="'. check_url($object->homepage) .'">'. check_plain($object->name) .'</a>';
     }
     else {
-      $output = $object->name;
+      $output = check_plain($object->name);
     }
 
     $output .= ' ('. t('not verified') .')';

modules/book.module

@@ -412,7 +412,7 @@ function book_view(&$node, $teaser = FALSE, $page = FALSE) {
   $node = book_content($node, $teaser);
 
   if (!$teaser && $node->moderate) {
-    $node->body .= '<div class="log"><div class="title">'. t('Log') .':</div>'. $node->log .'</div>';
+    $node->body .= '<div class="log"><div class="title">'. t('Log') .':</div>'. check_output($node->log, $node->format) .'</div>';
   }
 }
 

themes/engines/xtemplate/xtemplate.engine

@@ -179,7 +179,7 @@ function xtemplate_page($content, $title = NULL, $breadcrumb = NULL) {
 
   // only parse the mission block if we are on the frontpage ...
   if ($_GET["q"] == variable_get("site_frontpage", "node") && theme_get_setting('toggle_mission') && ($mission = theme_get_setting('mission'))) {
-    $xtemplate->template->assign("mission", $mission);
+    $xtemplate->template->assign("mission", filter_xss($mission));
     $xtemplate->template->parse("header.mission");
   }