[SECURITY] Prevent XSS in TER download dialog 63/45263/2
authorNicole Cordes <typo3@cordes.co>
Tue, 15 Dec 2015 10:33:22 +0000 (11:33 +0100)
committerOliver Hader <oliver.hader@typo3.org>
Tue, 15 Dec 2015 10:33:27 +0000 (11:33 +0100)
commit12050718aaf708695c115c3eb0816089bb8a4f2b
treec8ba88ce3940cce4502845cb979c1df040ce0f87
parent0d11eaf1ca0625689bc351c7f8af07a3dc606cd3
[SECURITY] Prevent XSS in TER download dialog

Due to the json request format during a TER extension installation,
the EM is susceptible to XSS.

Resolves: #71524
Releases: master, 6.2
Security-Commit: f109bf3ef49b88ed8b39e053b285e8f239210136
Security-Bulletins: TYPO3-CORE-SA-2015-010, 011, 012, 013, 014, 015
Change-Id: Ib47ec9f715578871d3c1a67aaca2b99d27a07f8e
Reviewed-on: https://review.typo3.org/45263
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
typo3/sysext/extensionmanager/Resources/Private/Partials/List/UnresolvedDependencies.html