phpmyadmin / scripts

Various scripts related to project

XSS via $repo (from POST payload parameter) #8

Closed emanuelb closed 7 years ago

emanuelb commented 7 years ago

in: https://github.com/phpmyadmin/scripts/blob/2f73e1c86c4ce0b4782ce8842348b6e49700369c/hooks/lib/github.php#L58

function github_make_release($repo, $tag, $version, $description)
{
    $ch = curl_init();
    echo "Release:\n";
    echo " project=$repo\n";

The first parameter is passed to this function from: https://github.com/phpmyadmin/scripts/blob/2f73e1c86c4ce0b4782ce8842348b6e49700369c/hooks/create_release.php#L35

    $data['repository']['name'],

which comes from:

    $data = json_decode($_POST['payload'], true);

fix: use the htmlspecialchars function in:

    echo " project=$repo\n";

or validate $repo / $data['repository']['name'] against white-list / allowed chars.
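
The two fixes suggested in this issue, combined in an added example (not code from phpmyadmin/scripts and not part of the original comment): the repository name is checked against an allow-list before use and HTML-encoded where it is echoed. `validate_repo_name()` and `release_banner()` are hypothetical helper names, the allowed character set is an assumption, and the payloads are constructed.

```php
<?php
// Added example; validate_repo_name() and release_banner() are hypothetical helpers.

/**
 * Allow-list check. Assumption: repository names consist only of ASCII
 * letters, digits, '.', '-' and '_', and are at most 100 characters long.
 * Returns the name when valid, null otherwise (including non-string input).
 */
function validate_repo_name($name)
{
    if (!is_string($name) || !preg_match('/\A[A-Za-z0-9._-]{1,100}\z/', $name)) {
        return null;
    }
    return $name;
}

/** Build the banner line with output encoding applied at the sink. */
function release_banner($repo)
{
    // Redundant after validation, but keeps the echo safe if validation changes.
    return " project=" . htmlspecialchars($repo, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "\n";
}

// Constructed payloads standing in for $_POST['payload'].
$samples = array(
    '{"repository":{"name":"phpmyadmin"}}',          // valid name
    '{"repository":{"name":"<b>not-a-repo</b>"}}',   // markup in the name
    '{"repository":{"name":["nested"]}}',            // wrong type
    'not json',                                      // json_decode() returns null
);

foreach ($samples as $payload) {
    $data = json_decode($payload, true);
    $name = (is_array($data) && isset($data['repository']['name']))
        ? $data['repository']['name']
        : null;

    $repo = validate_repo_name($name);
    if ($repo === null) {
        // Reject without echoing the untrusted value back to the client.
        echo "Rejected: invalid repository name\n";
        continue;
    }

    echo "Release:\n";
    echo release_banner($repo);
}
```

Only the first payload reaches the `echo`; the other three are rejected before any part of the request is reflected.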