Skip to content
Snippets Groups Projects
Commit 1bd00950 authored by Andreas Fernandez's avatar Andreas Fernandez Committed by Oliver Hader
Browse files

[SECURITY] XSS in form creation wizard 

The form name is rendered multiple times in the form wizard when either
creating or cloning a form. Any input is now sanitized to avoid XSS
in the summary step of the form wizard.

Resolves: #93560
Releases: master, 11.1, 10.4
Change-Id: I3ddce48e38e32456318c695774bbcd035115b5ae
Security-Bulletin: TYPO3-CORE-SA-2021-004
Security-References: CVE-2021-21358
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/68437


Tested-by: default avatarOliver Hader <oliver.hader@typo3.org>
Reviewed-by: default avatarOliver Hader <oliver.hader@typo3.org>
parent c44d9f5a
No related merge requests found
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment