[SECURITY] XSS in be_layouts
authorGeorg Ringer <mail@ringerge.org>
Wed, 28 Mar 2012 11:54:10 +0000 (13:54 +0200)
committerOliver Hader <oliver@typo3.org>
Wed, 28 Mar 2012 11:54:13 +0000 (13:54 +0200)
commitfa6a1036554ec099d6947dbe09707a8d998ec217
treeb845d1373a2da33383e48a75d34c303f75531962
parent784ffda581fe0f0f598a86036ec96b3f2ccb142d
[SECURITY] XSS in be_layouts

Some values from the backend layout configuration
are not properly escaped

Change-Id: Ifc5debc16e29d632f21380c1fb2e410e00633fa7
Fixes: #29536
Security-Commit: f686b42d55688dde6b6bc64f75032c56c09aed4c
Security-Bulletin: TYPO3-CORE-SA-2012-001
Reviewed-on: http://review.typo3.org/10004
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/sysext/cms/layout/class.tx_cms_layout.php