composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-23 02:28:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°931 Fix XSS in console.

Browse Source
This commit is contained in:
Molkobain
2018-09-28 12:08:14 +02:00
parent 46dee2919e
commit 333c51b0f9
2 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
core/attributedef.class.inc.php
View File

@@ -7257,7 +7257,7 @@ class AttributeTagSet extends AttributeSet
$sFilter = urlencode($oFilter->serialize());
$sUrl = utils::GetAbsoluteUrlAppRoot()."pages/$sUIPage?operation=search&filter=".$sFilter."&{$sContext}";
$sHtml .= '<a href="'.$sUrl.'" class="attribute-set-item attribute-set-item-'.$sTagCode.'" data-code="'.$sTagCode.'" data-label="'.$sTagLabel.'" data-description="'.htmlentities($sTagDescription, ENT_QUOTES, 'UTF-8').'">'.$sTagLabel.'</a>';
$sHtml .= '<a href="'.$sUrl.'" class="attribute-set-item attribute-set-item-'.$sTagCode.'" data-code="'.$sTagCode.'" data-label="'.htmlentities($sTagLabel, ENT_QUOTES, 'UTF-8').'" data-description="'.htmlentities($sTagDescription, ENT_QUOTES, 'UTF-8').'">'.$sTagLabel.'</a>';
}
else
{
@@ -7451,7 +7451,7 @@ class AttributeTagSet extends AttributeSet
static public function GetFormFieldClass()
{
return '\\Combodo\\iTop\\Form\\Field\\TagSetField';
return '\\Combodo\\iTop\\Form\\Field\\SetField';
}
}