Commit 02789b5b authored by Committed by Oliver HaderBrowse files
[SECURITY] Mitigate XSS related to column names
The column names, defined in backend layouts, were not properly encoded at some places and therefore led to a XSS vulnerability. The issue is addressed by properly encoding user input. Resolves: #93683 Releases: master, 11.3, 10.4, 9.5, 8.7 Change-Id: I787cee9f56a30aeaf69294412c8d5198a144e31c Security-Bulletin: CORE-SA-2021-011 Security-References: CVE-2021-32669 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/69993 Tested-by: Oliver Hader <firstname.lastname@example.org> Reviewed-by: Oliver Hader <email@example.com>
This diff is collapsed.