Commit 2305b493 authored by Oliver Hader's avatar Oliver Hader
Browse files

Fixed bug #13961: XSS in impexp (thanks to Georg Ringer)

git-svn-id: https://svn.typo3.org/TYPO3v4/Core/branches/TYPO3_4-1@8337 709f56b5-9817-0410-a4d7-c38de5d9e867
parent a38ddf59
......@@ -3,6 +3,7 @@
* Fixed bug #14978: XSS in file tree (thanks to Georg Ringer)
* Fixed bug #13292: TYPO3 error message reveals path to web root (thanks to Xavier Perseguers)
* Fixed bug #11618: XSS vulnerability in install tool / BE login (thanks to Georg Ringer)
* Fixed bug #13961: XSS in impexp (thanks to Georg Ringer)
2010-05-17 Oliver Hader <oliver@typo3.org>
......
......@@ -1421,7 +1421,7 @@ class SC_mod_tools_log_index extends t3lib_SCbase {
'preset_data' => serialize($inData)
);
$GLOBALS['TYPO3_DB']->exec_INSERTquery('tx_impexp_presets',$fields_values);
$msg = 'New preset "'.$inData['preset']['title'].'" is created';
$msg = 'New preset "' . htmlspecialchars($inData['preset']['title']) . '" is created';
}
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment