[SECURITY] XSS in new content element wizard 05/30305/2
authorMarcus Krause <marcus.krause@typo3.org>
Thu, 22 May 2014 07:33:58 +0000 (09:33 +0200)
committerOliver Hader <oliver.hader@typo3.org>
Thu, 22 May 2014 07:34:02 +0000 (09:34 +0200)
commit6c6ae4b60079980c71250d9d4393b9ea1b1f2e31
tree8ce398ed2c209caea8dbccfc81f2be20a17b9f29
parent1e2843b4f3f275eea1ff79f7076ca7925e915e47
[SECURITY] XSS in new content element wizard

Sanitize user-input colPos in new content element wizard.

Change-Id: Ifa90ea1ede3b6c2a5436c505993c533803306d01
Fixes: #48695
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit: bad0160450fb5786e1cb1e393c76c3da38c2ffe7
Security-Bulletin: TYPO3-CORE-SA-2014-001
Reviewed-on: https://review.typo3.org/30305
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/sysext/backend/Classes/Controller/ContentElement/NewContentElementController.php