From 655cfa50cc6ca10c86ff4fb183a31ad2255a8823 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sat, 30 May 2020 08:05:37 +0200
Subject: [PATCH] Security: Fix couple of XSS issues in Installer (#7406)

---
 CHANGELOG          |  5 +++++
 installer/test.php | 10 +++++-----
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index cbf46a045..e771bd4ac 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,11 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+RELEASE 1.3.12
+--------------
+
+- Security: Fix couple of XSS issues in Installer (#7406)
+
 RELEASE 1.3.11
 --------------
 - Enigma: Fix compatibility with Mail_Mime >= 1.10.5
diff --git a/installer/test.php b/installer/test.php
index 3b5918985..de1c62dd0 100644
--- a/installer/test.php
+++ b/installer/test.php
@@ -126,7 +126,7 @@ if ($RCI->configured) {
         else {
             $RCI->fail('DSN (write)', $db_error_msg);
             echo '<p class="hint">Make sure that the configured database exists and that the user has write privileges<br />';
-            echo 'DSN: ' . $RCI->config['db_dsnw'] . '</p>';
+            echo 'DSN: ' . rcube::Q($RCI->config['db_dsnw']) . '</p>';
         }
     }
     else {
@@ -261,19 +261,19 @@ if ($pass == '%p') {
 <tbody>
   <tr>
     <td><label for="smtp_server">Server</label></td>
-    <td><?php echo rcube_utils::parse_host($RCI->getprop('smtp_server', 'localhost')); ?></td>
+    <td><?php echo rcube::Q(rcube_utils::parse_host($RCI->getprop('smtp_server', 'localhost'))); ?></td>
   </tr>
   <tr>
     <td><label for="smtp_port">Port</label></td>
-    <td><?php echo $RCI->getprop('smtp_port'); ?></td>
+    <td><?php echo rcube::Q($RCI->getprop('smtp_port')); ?></td>
   </tr>
   <tr>
     <td><label for="smtp_user">Username</label></td>
-    <td><?php echo $user; ?></td>
+    <td><?php echo rcube::Q($user); ?></td>
   </tr>
   <tr>
     <td><label for="smtp_pass">Password</label></td>
-    <td><?php echo $pass; ?></td>
+    <td><?php echo rcube::Q($pass); ?></td>
   </tr>
 </tbody>
 </table>