Commit 2e158ce0 authored by Oliver Hader's avatar Oliver Hader
Browse files

Fixed bug #11620: XSS vulnerability in task center module

git-svn-id: https://svn.typo3.org/TYPO3v4/Core/branches/TYPO3_4-1@7630 709f56b5-9817-0410-a4d7-c38de5d9e867
parent 03e797e0
......@@ -5,6 +5,7 @@
* Fixed bug #11617: XSS in template module (thanks to Georg Ringer)
* Fixed bug #13249: XSS in TS Object Browser (thanks to Marcus Krause)
* Fixed bug #11621: XSS vulnerabilities in workspace module (thanks to Georg Ringer)
* Fixed bug #11620: XSS vulnerability in task center module (thanks to Georg Ringer)
2010-04-09 Michael Stucki <michael@typo3.org>
......
......@@ -151,10 +151,8 @@
* @return string header in the left side (HTML)
*/
function getleftHeader() {
$name = $GLOBALS['BE_USER']->user['realName']?$GLOBALS['BE_USER']->user['realName']:
$GLOBALS['BE_USER']->user['username'];
return '<h1>TYPO3 taskcenter <br />'.$name.'</h1>';
$name = $GLOBALS['BE_USER']->user['realName'] ? $GLOBALS['BE_USER']->user['realName'] : $GLOBALS['BE_USER']->user['username'];
return '<h1>TYPO3 taskcenter <br />' . htmlspecialchars($name) . '</h1>';
}
/**
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment