Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fixed issue [security]: #15094 XSS in label title
Reported by Michele Cisternino https://www.linkedin.com/in/michelecisternino/
Dev: encode label name
  • Loading branch information
Shnoulle committed Aug 2, 2019
1 parent e91fc4b commit 0b7391d
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion application/views/admin/labels/labelview_view.php
Expand Up @@ -10,7 +10,7 @@
<div class="pagetitle h3">
<?php eT("Labels") ?>
<?php if(isset($model->label_name)): ?>
- <?=$model->label_name;?>
- <?php echo CHtml::encode($model->label_name); ?>
<?php endif; ?>
</div>
<div class="container">
Expand Down

0 comments on commit 0b7391d

Please sign in to comment.