[freeside-commits] branch master updated. 0da59a28d129728c18481ca80e8841585b69dd0c
Ivan
ivan at 420.am
Sun Feb 17 15:23:58 PST 2013
The branch, master has been updated
via 0da59a28d129728c18481ca80e8841585b69dd0c (commit)
from c13c6407510f6fd1783ce0fbd97800afa27c30b5 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 0da59a28d129728c18481ca80e8841585b69dd0c
Author: Ivan Kohler <ivan at freeside.biz>
Date: Sun Feb 17 15:23:56 2013 -0800
fix low-impact XSS
diff --git a/httemplate/edit/REAL_cust_pkg.cgi b/httemplate/edit/REAL_cust_pkg.cgi
index 4bcf55c..99e911a 100755
--- a/httemplate/edit/REAL_cust_pkg.cgi
+++ b/httemplate/edit/REAL_cust_pkg.cgi
@@ -70,7 +70,7 @@ function confirm_changes() {
<TR>
<TD ALIGN="right">Comment</TD>
- <TD BGCOLOR="#ffffff"><% $part_pkg->comment %></TD>
+ <TD BGCOLOR="#ffffff"><% $part_pkg->comment |h %></TD>
</TR>
<TR>
diff --git a/httemplate/edit/cust_pkg_detail.html b/httemplate/edit/cust_pkg_detail.html
index 009ed5c..5e10706 100644
--- a/httemplate/edit/cust_pkg_detail.html
+++ b/httemplate/edit/cust_pkg_detail.html
@@ -28,7 +28,7 @@
<TR>
<TD ALIGN="right">Comment</TD>
- <TD BGCOLOR="#ffffff"><% $part_pkg->comment %></TD>
+ <TD BGCOLOR="#ffffff"><% $part_pkg->comment |h %></TD>
</TR>
<TR>
-----------------------------------------------------------------------
Summary of changes:
httemplate/edit/REAL_cust_pkg.cgi | 2 +-
httemplate/edit/cust_pkg_detail.html | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
More information about the freeside-commits
mailing list