* Fixed bug #14950: XSS in t3editor (thanks to Tobias Liebig)
* Fixed bug #14850: Information disclosure in t3lib_htmlmail (thanks to Georg Ringer)
* Fixed bug #13961: XSS in impexp (thanks to Georg Ringer)
+ * Fixed bug #13958: XSS in BE Log (thanks to Georg Ringer)
2010-07-27 Steffen Kamper <steffen@typo3.org>
$text = str_replace('%s','',$text);
}
}
+ $text = htmlspecialchars($text);
// Finding the history for the record
$res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid,fieldlist', 'sys_history', 'sys_log_uid='.intval($sys_log_uid));