Permalink
Browse files

EZP-29699: XSS js vulnerability in 'module disabled' error template (#…

  • Loading branch information...
konradoboza authored and glye committed Oct 17, 2018
1 parent 13f03a2 commit 4697bff700e8cf95d5847ea19dad3479a77b02d9
Showing with 5 additions and 5 deletions.
  1. +5 −5 design/standard/templates/error/kernel/22.tpl
@@ -1,16 +1,16 @@
{* DO NOT EDIT THIS FILE! Use an override template instead. *}
<div class="warning">
{if $parameters.check.view_checked}
<h2>{"View is disabled"|i18n("design/standard/error/kernel",,array($parameters.check.view,$parameters.check.module))}</h2>
<h2>{"View is disabled"|i18n("design/standard/error/kernel",,array($parameters.check.view|wash,$parameters.check.module|wash))}</h2>
<ul>
<li>{"The view %module/%view is disabled and cannot be accessed."|i18n("design/standard/error/kernel",,
hash('%view',$parameters.check.view,
'%module',$parameters.check.module))}</li>
hash('%view',$parameters.check.view|wash,
'%module',$parameters.check.module|wash))}</li>
</ul>
{else}
<h2>{"Module is disabled"|i18n("design/standard/error/kernel",,array($parameters.check.module))}</h2>
<h2>{"Module is disabled"|i18n("design/standard/error/kernel",,array($parameters.check.module|wash))}</h2>
<ul>
<li>{"The module %module is disabled and cannot be accessed."|i18n("design/standard/error/kernel",,hash('%module',$parameters.check.module))}</li>
<li>{"The module %module is disabled and cannot be accessed."|i18n("design/standard/error/kernel",,hash('%module',$parameters.check.module|wash))}</li>
</ul>
{/if}
</div>

0 comments on commit 4697bff

Please sign in to comment.