[SECURITY] Prevent XSS in ContentObjectRenderer 64/49064/2
authorBenni Mack <benni@typo3.org>
Tue, 19 Jul 2016 10:15:47 +0000 (12:15 +0200)
committerOliver Hader <oliver.hader@typo3.org>
Tue, 19 Jul 2016 10:15:49 +0000 (12:15 +0200)
commit7dc9baf9e4399d008084e490c1b6771aac0ccef4
treeb5b51780f79893af21fe4da634eaf6b6ea5313fc
parent7dd99174fb5885f266bdf17a2a926fb46b8aecb6
[SECURITY] Prevent XSS in ContentObjectRenderer

Properly escape various parameters.

Resolves: #31244
Releases: master, 7.6, 6.2
Security-Commit: 582106e4a9a1244c5f8a51ce8e1d2cd7686cbf1e
Security-Bulletins: TYPO3-CORE-SA-2016-014, 015, 016, 017, 018
Change-Id: I90bbe66c5ee61223ddcb92133e28ab1653e276c8
Reviewed-on: https://review.typo3.org/49064
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
typo3/sysext/frontend/Classes/ContentObject/ContentObjectRenderer.php