[SECURITY] XSS vulnerability in extension manager 81/26181/2
authorMarcus Krause <marcus.krause@typo3.org>
Tue, 10 Dec 2013 09:51:10 +0000 (10:51 +0100)
committerOliver Hader <oliver.hader@typo3.org>
Tue, 10 Dec 2013 09:51:16 +0000 (10:51 +0100)
commitcae8739c84fb76f4e9388aa6b9bba33734cec3e3
tree4a7c04e7c6951c2e2b794495c553866f65d67039
parentba92f0abe512e9b024047921cdbb614d0ef63846
[SECURITY] XSS vulnerability in extension manager

Add escaping on extension meta data when rendering.

Change-Id: I64cb5f23281ddb6c63439bf33aaeac1b1fa803b4
Fixes: #20811
Releases: 4.7, 4.5
Security-Commit: 647add5b8b668c173376ac45e4d227e4b25112d9
Security-Bulletin: TYPO3-CORE-SA-2013-004
Reviewed-on: https://review.typo3.org/26181
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/sysext/em/Tests/Unit/tools/class.tx_em_toolsTest.php [new file with mode: 0644]
typo3/sysext/em/classes/extensions/class.tx_em_extensions_details.php
typo3/sysext/em/classes/extensions/class.tx_em_extensions_list.php
typo3/sysext/em/classes/index.php
typo3/sysext/em/classes/install/class.tx_em_install.php
typo3/sysext/em/classes/tools/class.tx_em_tools.php