[SECURITY] XSS in TCA Tree
authorOliver Hader <oliver@typo3.org>
Thu, 8 Nov 2012 11:44:51 +0000 (12:44 +0100)
committerOliver Hader <oliver.hader@typo3.org>
Thu, 8 Nov 2012 11:44:54 +0000 (12:44 +0100)
commit74c2aabf6811b105a5fcdfa20b282a55adeef60e
treebcb2871c259b0ed385460fa7788031af9bf63de8
parent2bbc7a32f1866498c9991bff5ae8242111ad1f32
[SECURITY] XSS in TCA Tree

Properly html encode the label of tree nodes.

Fixes: #42774
Releases: 6.0, 4.7, 4.6, 4.5

Change-Id: I56b823bdd7ac8f4e8d533604cc91eb99e3bcd808
Security-Commit: b1b0b68d026795d04721f73c436eab2de72285d9
Security-Bulletin: TYPO3-CORE-SA-2012-005
Reviewed-on: http://review.typo3.org/16306
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/sysext/backend/Classes/Tree/Renderer/ExtJsJsonTreeRenderer.php
typo3/sysext/backend/Classes/Tree/Renderer/UnorderedListTreeRenderer.php