projects / civicrm-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0e8cb6c) | patch
security/core#65 - Fix XSS in Dashboard Report Title
authorPatrick Figel <pfigel@greenpeace.org>
Wed, 9 Oct 2019 10:45:33 +0000 (12:45 +0200)
committerSeamus Lee <seamuslee001@gmail.com>
Sat, 9 Nov 2019 02:58:58 +0000 (13:58 +1100)
commit1b0a9d272250a8f04305b8daa32dab4b04ee320b
tree2e7025edd477bea8361bfe33413afc04d923d17btree | snapshot (zip tar.gz)
parent0e8cb6c49421de97c72e0e57994ea31d4100904dcommit | diff
security/core#65 - Fix XSS in Dashboard Report Title

This fixes an XSS in report titles displayed on the dashboard page
by escaping the title on output.
CRM/Core/BAO/Dashboard.php diff | blob | blame | history
js/Common.js diff | blob | blame | history
js/jquery/jquery.dashboard.js diff | blob | blame | history