Author: Lars Michelsen <[email protected]>
Date: Fri Mar 8 13:57:33 2013 +0100
Committer: Lars Michelsen <[email protected]>
Commit-Date: Fri Mar 8 13:57:33 2013 +0100
Escaping html entities correctly in add/modify dialog
---
share/server/core/classes/WuiViewMapAddModify.php | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/share/server/core/classes/WuiViewMapAddModify.php
b/share/server/core/classes/WuiViewMapAddModify.php
index 749d89e..e037ca2 100644
--- a/share/server/core/classes/WuiViewMapAddModify.php
+++ b/share/server/core/classes/WuiViewMapAddModify.php
@@ -359,7 +359,7 @@ class WuiViewMapAddModify {
}
}
- $ret .= '<span
id="_txt_'.$propname.'"'.$hideTxt.'>'.$valueTxt.'</span>';
+ $ret .= '<span
id="_txt_'.$propname.'"'.$hideTxt.'>'.htmlentities($valueTxt).'</span>';
$ret .= '</td></tr>';
------------------------------------------------------------------------------
Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester
Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the
endpoint security space. For insight on selecting the right partner to
tackle endpoint security challenges, access the full report.
http://p.sf.net/sfu/symantec-dev2dev
_______________________________________________
Nagvis-checkins mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/nagvis-checkins
