* Fixed bug #11621: XSS vulnerabilities in workspace module (thanks to Georg Ringer)
* Fixed bug #11620: XSS vulnerability in task center module (thanks to Georg Ringer)
* Fixed bug #12628: XSS in sysext sys_action (thanks to Georg Ringer)
+ * Fixed bug #12634: XSS in the access module (thanks to Georg Ringer)
2010-02-22 Benjamin Mack <benni@typo3.org>
<tr>
<td class="bgColor2" colspan="2"> </td>
<td class="bgColor2"><img'.t3lib_iconWorks::skinImg($BACK_PATH,'gfx/line.gif','width="5" height="16"').' alt="" /></td>
- <td class="bgColor2" align="center" nowrap="nowrap"><b>'.$LANG->getLL('User',1).':</b> '.$BE_USER->user['username'].'</td>
+ <td class="bgColor2" align="center" nowrap="nowrap"><b>'.$LANG->getLL('User',1).':</b> ' . htmlspecialchars($BE_USER->user['username']) . '</td>
'.(!$BE_USER->isAdmin()?'<td class="bgColor2"><img'.t3lib_iconWorks::skinImg($BACK_PATH,'gfx/line.gif','width="5" height="16"').' alt="" /></td>
<td class="bgColor2" align="center"><b>'.$LANG->getLL('EditLock',1).'</b></td>':'').'
</tr>';