[freeside-commits] branch master updated. 9760cdc40e900328990e3c91a7ea99eb43d70c21
Christopher Burger
burgerc at 420.am
Fri Jun 30 10:25:10 PDT 2017
The branch, master has been updated
via 9760cdc40e900328990e3c91a7ea99eb43d70c21 (commit)
from 9d6c810bf70d12221ff3b7916b717a6f0c924a1c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 9760cdc40e900328990e3c91a7ea99eb43d70c21
Author: Christopher Burger <burgerc at freeside.biz>
Date: Fri Jun 30 13:24:29 2017 -0400
RT# 74666 - fixed vulnerability by escaping quotation_description var
diff --git a/httemplate/view/quotation.html b/httemplate/view/quotation.html
index aba1f0a..d4d79d7 100755
--- a/httemplate/view/quotation.html
+++ b/httemplate/view/quotation.html
@@ -2,7 +2,7 @@
<& /elements/header-cust_main.html, view=>'quotations', custnum=>$quotation->custnum &>
<h2>Quotation #<% $quotationnum %>
% if ($quotation->quotation_description) {
-(<% $quotation->quotation_description %>)
+(<% $quotation->quotation_description |h %>)
% }
</h2>
% } else { #eventually, header-prospect_main.html
-----------------------------------------------------------------------
Summary of changes:
httemplate/view/quotation.html | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
More information about the freeside-commits
mailing list