[SECURITY] XSS in TCA Tree
authorOliver Hader <oliver@typo3.org>
Thu, 8 Nov 2012 11:44:14 +0000 (12:44 +0100)
committerOliver Hader <oliver.hader@typo3.org>
Thu, 8 Nov 2012 11:44:17 +0000 (12:44 +0100)
commitb02026ddbf7747a47e3d1ce46c2be4e460c4256d
treebc2202f1c534099d7be56ec5ff071dbe7e17c8e6
parentf22dc79c650fe0473c2433b73a3f504476e246d4
[SECURITY] XSS in TCA Tree

Properly html encode the label of tree nodes.

Fixes: #42774
Releases: 6.0, 4.7, 4.6, 4.5

Change-Id: I59773eb475d0736933a17b3151c998a7e3c528b7
Security-Commit: 04a1bd7b4f131c9e31c39ee63e6ccaf4932dbd8f
Security-Bulletin: TYPO3-CORE-SA-2012-005
Reviewed-on: http://review.typo3.org/16300
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
t3lib/tree/renderer/class.t3lib_tree_renderer_extjsjson.php
t3lib/tree/renderer/class.t3lib_tree_renderer_unorderedlist.php