Fix potential XSS vulnerability on user's name
Add other locations as well a failsafe for the htmlentities() call
Showing
- include/ajax.tickets.php 4 additions, 4 deletionsinclude/ajax.tickets.php
- include/ajax.users.php 3 additions, 3 deletionsinclude/ajax.users.php
- include/class.format.php 9 additions, 3 deletionsinclude/class.format.php
- include/class.organization.php 5 additions, 1 deletioninclude/class.organization.php
- include/staff/templates/collaborators-preview.tmpl.php 1 addition, 1 deletioninclude/staff/templates/collaborators-preview.tmpl.php
- include/staff/templates/collaborators.tmpl.php 1 addition, 1 deletioninclude/staff/templates/collaborators.tmpl.php
- include/staff/templates/user-account.tmpl.php 1 addition, 1 deletioninclude/staff/templates/user-account.tmpl.php
- include/staff/templates/user-register.tmpl.php 1 addition, 1 deletioninclude/staff/templates/user-register.tmpl.php
- include/staff/ticket-open.inc.php 1 addition, 1 deletioninclude/staff/ticket-open.inc.php
- include/staff/user-view.inc.php 2 additions, 2 deletionsinclude/staff/user-view.inc.php
- login.php 1 addition, 1 deletionlogin.php
Loading
Please register or sign in to comment