[BUGFIX][SECURITY] XSS vulnerability in BE-User Admin module
authorMarco Bresch <marco.bresch@starfinanz.de>
Wed, 23 Nov 2011 16:34:58 +0000 (17:34 +0100)
committerGeorg Ringer <mail@ringerge.org>
Wed, 23 Nov 2011 19:12:33 +0000 (20:12 +0100)
commiteae7533727b57f2fb35487afe366352a6222db27
tree6131e8b601fe712ff2bd63679a152b3b46bae3b8
parentdf89db2a6e4c4f33e3a967c70af15f513239dcdd
[BUGFIX][SECURITY] XSS vulnerability in BE-User Admin module

Fix XSS at column 'workspace membership'.

How to test:
* choose a workspace title like "<b>test</b>"
* assign a user as member to the workspace
* select the BE-module "Admin Tools->User Admin"
* select the checkbox "Workspace membership"
* press update
* take a look at column "Workspace membership"

Change-Id: I29bb7d05a2740cc9c88eb67c224e942dfc9165dc
Fixes: #32040
Releases: 4.7, 4.6, 4.5, 4.4
Reviewed-on: http://review.typo3.org/6878
Reviewed-by: Oliver Klee
Reviewed-by: Georg Ringer
Tested-by: Georg Ringer
typo3/sysext/beuser/mod/index.php