]> git.mxchange.org Git - friendica.git/commit
projects / friendica.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 13cb8bb) | patch
Remove escaping exception for form field values
authorHypolite Petovan <hypolite@mrpetovan.com>
Wed, 2 Aug 2023 14:29:50 +0000 (16:29 +0200)
committerHypolite Petovan <hypolite@mrpetovan.com>
Wed, 2 Aug 2023 14:30:48 +0000 (16:30 +0200)
commit6f9e15ea578e1ab73c0328c928444c0169f961bc
tree50f44067f1faf1697240446b01e1df35e89618aetree | snapshot
parent13cb8bb3955576ec53d79b1e204bb6cf41dddbd7commit | diff
Remove escaping exception for form field values

- This could allow code injection from a malicious query leading to a form page
- Thanks to Laura Pîrcălăboiu for the report
view/templates/field_combobox.tpl diff | blob | history
view/templates/field_openid.tpl diff | blob | history
view/templates/field_password.tpl diff | blob | history
view/theme/frio/templates/field_colorinput.tpl diff | blob | history
view/theme/frio/templates/field_fileinput.tpl diff | blob | history
view/theme/frio/templates/field_openid.tpl diff | blob | history
view/theme/frio/templates/field_password.tpl diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.