[SECURITY] Page Link Target vulnerable to XSS
authorMarkus Bucher <markusbucher@gmx.de>
Wed, 15 Aug 2012 10:19:10 +0000 (12:19 +0200)
committerOliver Hader <oliver.hader@typo3.org>
Wed, 15 Aug 2012 10:19:15 +0000 (12:19 +0200)
commit2ae69c8a8b9d21009a93f27c798ea3028b76ee59
treeecb424d04592792a586861ed1e638d53a61f5ae3
parent1eaebd3892e2179d6608e589a9e64d338e0cb8bc
[SECURITY] Page Link Target vulnerable to XSS

This patch adds htmlspecialchars to page link target to prevent
XSS.

Change-Id: I9e1ab1ac22c7bc1225f1d3d3234865e1e603656b
Fixes: #32653
Releases: 6.0, 4.7, 4.6, 4.5
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13753
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/sysext/cms/tslib/class.tslib_content.php