[SECURITY] Page Link Target vulnerable to XSS
authorMarkus Bucher <markusbucher@gmx.de>
Wed, 15 Aug 2012 10:22:05 +0000 (12:22 +0200)
committerOliver Hader <oliver.hader@typo3.org>
Wed, 15 Aug 2012 10:22:12 +0000 (12:22 +0200)
commit14f9a48ecb0c7bcfc12b5c98fbc68b5724250174
treed929aff0d84e3247532b3bb3caa74ff0d0d09e1d
parent2518600207b4d627248a0f8bf2f1aae66f7a8b3f
[SECURITY] Page Link Target vulnerable to XSS

This patch adds htmlspecialchars to page link target to prevent
XSS.

Change-Id: I5e9f07ec7465cd8658c4761328b394559cf9a53b
Fixes: #32653
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: 5de8ebf8a53e744fa9ce06a9e02835c7a637a664
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13773
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/sysext/cms/tslib/class.tslib_content.php