[TYPO3-core] RFC #17133: Pagetree - qtip can be used to execute custom javascript (XSS)

Peter Foerger pfoerger at gmail.com
Thu Jan 20 21:20:37 CET 2011


Hi,

Am 19.01.11 01:08, schrieb Stefan Galinski:
> Solution:
> Add an htmlspecialchars call to fix that issue.
> 
> Note:
> The patch was already reviewed by Helmut.


+1 by reading.

~Peter



More information about the TYPO3-team-core mailing list