From: Joshua Rüsweg
Date: Sun, 29 Jan 2017 14:36:36 +0000 (+0100)
Subject: fix theoretical XSS issue in notices
X-Git-Tag: 3.0.2~38^2~1
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=43573447e1266750ebd07e5bad0551d85017aeec;p=GitHub%2FWoltLab%2FWCF.git

fix theoretical XSS issue in notices
---

diff --git a/wcfsetup/install/files/lib/data/notice/Notice.class.php b/wcfsetup/install/files/lib/data/notice/Notice.class.php
index 3e1b989d7d..03a35191ae 100644
--- a/wcfsetup/install/files/lib/data/notice/Notice.class.php
+++ b/wcfsetup/install/files/lib/data/notice/Notice.class.php
@@ -6,6 +6,7 @@ use wcf\system\condition\ConditionHandler;
 use wcf\system\request\IRouteController;
 use wcf\system\user\storage\UserStorageHandler;
 use wcf\system\WCF;
+use wcf\util\StringUtil;
 
 /**
  * Represents a notice.
@@ -41,8 +42,8 @@ class Notice extends DatabaseObject implements IRouteController {
 // replace `{$username}` with the active user's name and `{$email}`
 // with the active user's email address
 $text = strtr(WCF::getLanguage()->get($this->notice), [
-'{$username}' => WCF::getUser()->username,
-'{$email}' => WCF::getUser()->email
+'{$username}' => $this->noticeUseHtml ? StringUtil::encodeHTML(WCF::getUser()->username) : WCF::getUser()->username,
+'{$email}' => $this->noticeUseHtml ? StringUtil::encodeHTML(WCF::getUser()->email) : WCF::getUser()->email
 ]);
 
 if (!$this->noticeUseHtml) {
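Review bot: The encode-or-not decision is written out twice in the new strtr() array, once per placeholder, so the two added lines each carry their own copy of the `$this->noticeUseHtml ? StringUtil::encodeHTML(...) : ...` ternary and a third placeholder would need a third copy; hoisting the user object and the flag into a single branch before the call keeps the escaping rule in one place and makes the two lines short enough to read. It is also worth recording the context assumption next to the encoding: StringUtil::encodeHTML() is the right escape for element content and quoted attributes, which is where these placeholders normally land, but an HTML notice that places `{$username}` or `{$email}` inside a script block or an `on*` handler attribute would still need context-specific escaping, so a comment such as `// encodeHTML() covers HTML text/attribute contexts only; keep these placeholders out of <script> and on* attributes` would stop a later template author from assuming the value is safe anywhere. The non-HTML path, which presumably escapes the whole text, is the body of `if (!$this->noticeUseHtml) {` and continues outside the hunk, as does the enclosing method.
```php
        // replace `{$username}` with the active user's name and `{$email}`
        // with the active user's email address
        $user = WCF::getUser();
        $username = $user->username;
        $email = $user->email;
        if ($this->noticeUseHtml) {
            // the placeholders land in raw HTML, so entity-encode the user-controlled values;
            // encodeHTML() covers HTML text/attribute contexts only, not <script> or on* attributes
            $username = StringUtil::encodeHTML($username);
            $email = StringUtil::encodeHTML($email);
        }
        $text = strtr(WCF::getLanguage()->get($this->notice), [
            '{$username}' => $username,
            '{$email}' => $email
        ]);
        // … unchanged: non-HTML branch …
```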