projects / civicrm-core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4a3a043)
Fix security/core#125 Stored xss in survey title
authorcolemanw <coleman@civicrm.org>
Sat, 2 Sep 2023 18:28:02 +0000 (14:28 -0400)
committerSeamus Lee <seamuslee001@gmail.com>
Thu, 7 Sep 2023 00:19:10 +0000 (10:19 +1000)
CRM/Campaign/Page/DashBoard.php patch | blob | blame | history

diff --git a/CRM/Campaign/Page/DashBoard.php b/CRM/Campaign/Page/DashBoard.php
index b299681f14eb6f46c468c0edccd3ded257fa1520..013ebcec4da803dcaa78fdd3110d641a8c430e5f 100644 (file)
--- a/CRM/Campaign/Page/DashBoard.php
+++ b/CRM/Campaign/Page/DashBoard.php
@@ -318,7 +318,7 @@ class CRM_Campaign_Page_DashBoard extends CRM_Core_Page {
         $surveysData[$sid]['is_default'] = boolval($surveysData[$sid]['is_default']);
 
         if ($surveysData[$sid]['result_id']) {
-          $resultSet = '<a href= "javascript:displayResultSet( ' . $sid . ',' . "'" . $surveysData[$sid]['title'] . "'" . ', ' . $surveysData[$sid]['result_id'] . ' )" title="' . ts('view result set', ['escape' => 'htmlattribute']) . '">' . ts('Result Set') . '</a>';
+          $resultSet = '<a href= "javascript:displayResultSet( ' . $sid . ', ' . htmlspecialchars(json_encode($surveysData[$sid]['title'])) . ', ' . $surveysData[$sid]['result_id'] . ' )" title="' . ts('view result set', ['escape' => 'htmlattribute']) . '">' . ts('Result Set') . '</a>';
           $surveysData[$sid]['result_id'] = $resultSet;
         }
         else {