Skip to content

Commit

Permalink
Fixed an XSS vulnerability.
Browse files Browse the repository at this point in the history
  • Loading branch information
@angrybrad
angrybrad committed Feb 23, 2023
1 parent dea6a42 commit 00fb253
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 1 deletion.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Expand Up @@ -3,6 +3,7 @@
## Unreleased
- Fixed a bug where `craft\events\RegisterElementSourcesEvent::$context` wasn’t always set to `modal` when defining the available element sources for an element selection modal.
- Fixed a styling bug where multi-line checkbox labels within the Customize Sources modal weren’t wrapping properly. ([#12717](https://github.com/craftcms/cms/issues/12717))
- Fixed an XSS vulnerability.

## 3.7.67 - 2023-02-17

Expand Down
2 changes: 1 addition & 1 deletion src/elements/Asset.php
View file
Expand Up @@ -1856,7 +1856,7 @@ protected function metadata(): array

return [
Craft::t('app', 'Location') => function() use ($volume) {
$loc = [Craft::t('site', $volume->name)];
$loc = [Html::encode(Craft::t('site', $volume->name))];
if ($this->folderPath) {
array_push($loc, ...ArrayHelper::filterEmptyStringsFromArray(explode('/', $this->folderPath)));
}
Expand Down

0 comments on commit 00fb253

Please sign in to comment.