[SECURITY] Prevent XSS in ContentObjectRenderer 77/49077/2
authorBenni Mack <benni@typo3.org>
Tue, 19 Jul 2016 10:17:26 +0000 (12:17 +0200)
committerOliver Hader <oliver.hader@typo3.org>
Tue, 19 Jul 2016 10:17:29 +0000 (12:17 +0200)
commite4cfac074d09b2ac6304418a2491e222aadbae57
tree694c49a2493cfbaa3669b7008c977789105c17c1
parent9f92550933c576c400d0f1da67578c1d05f2d830
[SECURITY] Prevent XSS in ContentObjectRenderer

Properly escape various parameters.

Resolves: #31244
Releases: master, 7.6, 6.2
Security-Commit: 1efa6adc7b1d332c384779451626e34059e30d8d
Security-Bulletins: TYPO3-CORE-SA-2016-014, 015, 016, 017, 018
Change-Id: I66c30eff40fa530477380443e86857233bb09b49
Reviewed-on: https://review.typo3.org/49077
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
typo3/sysext/frontend/Classes/ContentObject/ContentObjectRenderer.php