composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-13 07:24:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

N°4900 - Stored XSS in dashlets failed OQL query

Browse Source
This commit is contained in:
Benjamin Dalsass
2022-05-18 08:10:01 +02:00
parent 3d6bbe4029
commit 61a2d200b4
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
application/dashlet.class.inc.php
View File

@@ -255,7 +255,7 @@ abstract class Dashlet
catch(OqlException $e)
{
$oPage->add('<div class="dashlet-content">');
$oPage->p($e->GetUserFriendlyDescription());
$oPage->p(utils::HtmlEntities($e->GetUserFriendlyDescription()));
$oPage->add('</div>');
}
catch(Exception $e)