Another XSS

craftcms · Jul 29, 2022 · cdc9cb6 · cdc9cb6
1 parent f1bb2d4
commit cdc9cb6
Showing 1 changed file with 3 additions and 4 deletions.
diff --git a/src/helpers/Cp.php b/src/helpers/Cp.php
@@ -1169,7 +1169,6 @@ public static function addressCardHtml(Address $address, array $config = []): st
             'name' => null,
         ];
 
-        $label = $address->title;
         $canDelete = $address->canDelete(Craft::$app->getUser()->getIdentity());
         $actionMenuId = sprintf('address-card-action-menu-%s', mt_rand());
 
@@ -1183,10 +1182,10 @@ public static function addressCardHtml(Address $address, array $config = []): st
             ]) .
             ($config['name'] ? Html::hiddenInput("{$config['name']}[]", (string)$address->id) : '') .
             Html::beginTag('div', ['class' => 'address-card-header']) .
-            Html::tag('h2', $address->title, [
+            Html::tag('h2', Html::encode($address->title), [
                 'class' => array_filter([
                     'address-card-label',
-                    !$label ? 'hidden' : null,
+                    !$address->title ? 'hidden' : null,
                 ]),
             ]) .
             ($canDelete
@@ -1201,7 +1200,7 @@ public static function addressCardHtml(Address $address, array $config = []): st
                     'title' => Craft::t('app', 'Actions'),
                     'aria' => [
                         'controls' => $actionMenuId,
-                        'label' => sprintf('%s %s', $label ?? Craft::t('app', 'New Address'), Craft::t('app', 'Settings')),
+                        'label' => sprintf('%s %s', $address->title ? Html::encode($address->title) : Craft::t('app', 'New Address'), Craft::t('app', 'Settings')),
                     ],
                     'data' => [
                         'icon' => 'settings',