[SECURITY] XSS in TCA Tree
Properly html encode the label of tree nodes. Fixes: #42774 Releases: 6.0, 4.7, 4.6, 4.5 Change-Id: I56b823bdd7ac8f4e8d533604cc91eb99e3bcd808 Security-Commit: b1b0b68d026795d04721f73c436eab2de72285d9 Security-Bulletin: TYPO3-CORE-SA-2012-005 Reviewed-on: http://review.typo3.org/16306 Reviewed-by: Oliver Hader Tested-by: Oliver Hader
Showing
- typo3/sysext/backend/Classes/Tree/Renderer/ExtJsJsonTreeRenderer.php 7 additions, 0 deletions...t/backend/Classes/Tree/Renderer/ExtJsJsonTreeRenderer.php
- typo3/sysext/backend/Classes/Tree/Renderer/UnorderedListTreeRenderer.php 1 addition, 1 deletion...ckend/Classes/Tree/Renderer/UnorderedListTreeRenderer.php
Please register or sign in to comment