[SECURITY] Ensure text preview of multivalue items in form editor

Multivalue items in the form editor user interface were previewed as HTML, but should be treated as scalar text only. Resolves: #96743 Releases: main, 11.5, 10.4 Change-Id: I5e8dab26119490ecf19ac5d48c2bc7a5a00daaad Security-Bulletin: TYPO3-CORE-SA-2022-003 Security-References: CVE-2022-31048 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/73297 Tested-by: Oliver Hader <oliver.hader@typo3.org> Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
TYPO3 · Jun 14, 2022 · 6f2554d · 6f2554d
1 parent c93ea69
commit 6f2554d
Showing 1 changed file with 6 additions and 6 deletions.
diff --git a/typo3/sysext/form/Resources/Public/JavaScript/backend/form-editor/stage-component.js b/typo3/sysext/form/Resources/Public/JavaScript/backend/form-editor/stage-component.js
@@ -513,10 +513,10 @@ function factory($, Helper, Icons) {
      */
     function setStageHeadline(title) {
       if (getUtility().isUndefinedOrNull(title)) {
-        title = buildTitleByFormElement();
+        title = buildTitleByFormElement().text();
       }
 
-      $(getHelper().getDomElementDataIdentifierSelector('stageHeadline')).html(title);
+      $(getHelper().getDomElementDataIdentifierSelector('stageHeadline')).text(title);
     };
 
     /**
@@ -981,10 +981,10 @@ function factory($, Helper, Icons) {
 
       getHelper()
         .getTemplatePropertyDomElement('_type', template)
-        .append(getFormElementDefinition(formElement, 'label'));
+        .append(document.createTextNode(getFormElementDefinition(formElement, 'label')));
       getHelper()
         .getTemplatePropertyDomElement('_identifier', template)
-        .append(formElement.get('identifier'));
+        .append(document.createTextNode(formElement.get('identifier')));
     };
 
     /**
@@ -1029,7 +1029,7 @@ function factory($, Helper, Icons) {
 
             getHelper()
               .getTemplatePropertyDomElement('_label', rowTemplate)
-              .append(collectionElementConfiguration['label']);
+              .append(document.createTextNode(collectionElementConfiguration['label']));
             $(getHelper().getDomElementDataIdentifierSelector('validatorsContainer'), $(template))
               .append(rowTemplate.html());
           }
@@ -1089,7 +1089,7 @@ function factory($, Helper, Icons) {
           }
         }
 
-        getHelper().getTemplatePropertyDomElement('_label', rowTemplate).append(label);
+        getHelper().getTemplatePropertyDomElement('_label', rowTemplate).append(document.createTextNode(label));
 
         if (isPreselected) {
           getHelper().getTemplatePropertyDomElement('_label', rowTemplate).addClass(