[SECURITY] Prevent XSS in TER download dialog 75/45275/2
authorNicole Cordes <typo3@cordes.co>
Tue, 15 Dec 2015 10:36:13 +0000 (11:36 +0100)
committerOliver Hader <oliver.hader@typo3.org>
Tue, 15 Dec 2015 10:36:19 +0000 (11:36 +0100)
commit43196544a521cb3c3a57ac3f7a8ac82d40ca8cd2
treef00aa019445337c11ac2c69ad9c0f453d4c8455e
parent30dab523c25b2e8478c29e999ed53626f67b969b
[SECURITY] Prevent XSS in TER download dialog

Due to the json request format during a TER extension installation,
the EM is susceptible to XSS.

Resolves: #71524
Releases: master, 6.2
Security-Commit: 45f7ec93279bff9cbbde1d76a5947b73adce81ab
Security-Bulletins: TYPO3-CORE-SA-2015-010, 011, 012, 013, 014, 015
Change-Id: I0e555c4e711c2d3f956b74ca53b0c0534c131724
Reviewed-on: https://review.typo3.org/45275
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
typo3/sysext/extensionmanager/Resources/Private/Partials/List/UnresolvedDependencies.html