Commit 2f35faff authored by Andreas Fernandez, committed by Oliver Hader

[SECURITY] XSS in PreviewRenderer with descriptions

The PreviewRenderer pattern introduced with #78450 makes use of the TCA
feature `descriptionColumn` to render the content of this column in a
content element's preview in the page module.

The content of the column however was not properly escaped allowing
a persistent XSS abuse.

This patch adds a `htmlspecialchars()` to the output to escape the
content properly.

Resolves: #93562
Related: #78450
Releases: master, 11.1, 10.4
Change-Id: I144c6c2d7f4f61f4479fac3c2d400a21f5d72405
Security-Bulletin: TYPO3-CORE-SA-2021-007
Security-References: CVE-2021-21340
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/68452

Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
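The escaping the commit describes, as an added example that is not TYPO3 core code: a reduced stand-in for a preview renderer that emits the TCA `descriptionColumn` value, once without escaping and once with `htmlspecialchars()`. The function names, the record, the column name and the CSS class are constructed for the example; the flag choice (`ENT_QUOTES | ENT_HTML5`) is my own, not necessarily what the core patch used.

```php
<?php
// Added example, not TYPO3 core code. Names and data are constructed.
declare(strict_types=1);

// Constructed TCA fragment: the column that holds the editorial description
// shown in a content element's preview in the page module.
$tcaDescriptionColumn = 'rowDescription';

// Constructed record as an editor might have saved it; the description
// field contains arbitrary markup.
$record = [
    'uid' => 42,
    'header' => 'Teaser',
    'rowDescription' => "Intro <b>text</b> & <script>alert(1)</script>",
];

// Before the fix: the column value is concatenated into the preview markup
// unchanged, so stored HTML runs in the browser of every backend user who
// opens the page module (persistent XSS).
function renderDescriptionVulnerable(array $record, string $column): string
{
    return '<div class="description">' . $record[$column] . '</div>';
}

// After the fix: htmlspecialchars() converts <, >, & and quotes to entities,
// so the browser displays the text verbatim instead of parsing it as markup.
// ENT_QUOTES also covers single quotes, which matters if the value ever
// lands inside an attribute; the charset is passed explicitly.
function renderDescriptionFixed(array $record, string $column): string
{
    $escaped = htmlspecialchars((string)$record[$column], ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<div class="description">' . $escaped . '</div>';
}

// Simple check a reviewer or test could apply: no raw tag from the stored
// value may survive in the rendered preview.
function containsRawScriptTag(string $html): bool
{
    return stripos($html, '<script') !== false;
}

$vulnerable = renderDescriptionVulnerable($record, $tcaDescriptionColumn);
$fixed = renderDescriptionFixed($record, $tcaDescriptionColumn);

echo $vulnerable, PHP_EOL;
echo $fixed, PHP_EOL;
var_dump(containsRawScriptTag($vulnerable)); // the unescaped output
var_dump(containsRawScriptTag($fixed));      // the escaped output
```

The check at the end is what a regression test for this bug would assert: the escaped rendering must not contain the stored tag, while the pre-fix rendering does.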
parent 6b8a1e13