typo3/sysext/backend/Classes/Controller/ContentElement/NewContentElementController.php · 6c6ae4b60079980c71250d9d4393b9ea1b1f2e31 · accessibility / TYPO3.CMS

[SECURITY] XSS in new content element wizard · 6c6ae4b6

Marcus Krause authored May 22, 2014 and

Oliver Hader committed May 22, 2014

Sanitize user-input colPos in new content element wizard.

Change-Id: Ifa90ea1ede3b6c2a5436c505993c533803306d01
Fixes: #48695
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit: bad0160450fb5786e1cb1e393c76c3da38c2ffe7
Security-Bulletin: TYPO3-CORE-SA-2014-001
Reviewed-on: https://review.typo3.org/30305
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader

6c6ae4b6