[SECURITY] XSS in colorpicker wizard 83/26183/2
authorAnja Leichsenring <aleichsenring@ab-softlab.de>
Tue, 10 Dec 2013 09:51:23 +0000 (10:51 +0100)
committerOliver Hader <oliver.hader@typo3.org>
Tue, 10 Dec 2013 09:51:28 +0000 (10:51 +0100)
commit77dc1c4e5e56233c126cf34994b43ce6d5340b7a
treeb08b093a5c69573341d911f6704f981ebcb4bb1b
parent52d3bff43f7467b565cb7084d2605d2f06c8d559
[SECURITY] XSS in colorpicker wizard

Encode user-input in JavaScript context for colorpicker.

Change-Id: Ia5d181bb74f3cbe2d2b7c75097655f9c7593b70d
Fixes: #42772
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit: 9fba6ded6247aaa74b974daf1c9bba5eb4aaf028
Security-Bulletin: TYPO3-CORE-SA-2013-004
Reviewed-on: https://review.typo3.org/26183
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/wizard_colorpicker.php