From f8674d34d36aff25e0ab050e5114170255e40fd3 Mon Sep 17 00:00:00 2001
From: Damien Regad <dregad@mantisbt.org>
Date: Fri, 10 Mar 2017 00:24:51 +0100
Subject: [PATCH] Fix XSS in view_filters_page.php

The value of the view_type parameter was not sanitized before being
displayed as a hidden input.

This vulnerability was reported by Etienne Landais.

Fixes #22497
---
 view_filters_page.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/view_filters_page.php b/view_filters_page.php
index bccf4b0..5d80768 100644
--- a/view_filters_page.php
+++ b/view_filters_page.php
@@ -105,7 +105,7 @@ $t_filter = filter_ensure_valid_filter( $t_filter );
 
 	<?php # CSRF protection not required here - form does not result in modifications ?>
 	<input type="hidden" name="type" value="1" />
-	<input type="hidden" name="view_type" value="<?php echo $f_view_type; ?>" />
+	<input type="hidden" name="view_type" value="<?php echo $t_filter['_view_type']; ?>" />
 	<?php
 		if( $f_for_screen == false ) {
 			print '<input type="hidden" name="print" value="1" />';
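Review bot: The replacement line still writes `$t_filter['_view_type']` into an attribute value with a bare `echo`, so the fix depends entirely on `filter_ensure_valid_filter()` (called at the hunk header line; its body is not visible here) constraining `_view_type` to a known-safe set, which the hunk itself does not show. Escaping at the output point is the property a reader can verify locally and costs nothing: `<input type="hidden" name="view_type" value="<?php echo string_attribute( $t_filter['_view_type'] ); ?>" />`. The same bare-echo pattern should be checked at the other hidden inputs this form emits; the template continues outside the hunk on both sides.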
-- 
1.9.1

