Skip to content
Snippets Groups Projects
Commit 9916214f authored by Jared Hancock's avatar Jared Hancock
Browse files

security: Remove potential XSS vulnerability 

The ThreadEntryWidget has a potential cross site scripting (XSS)
vulnerability if data was posted directly to the page hosting the widget

Vulnerable URLs:
view.php, open.php, scp/open.php, scp/tickets.php

The content received in the HTTP POST is now correctly escaped when it is
echoed back to the user agent.
parent eb7dd95e
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment