Skip to content

Commit 30e5ae7

Browse files
Fix XSS in linked Custom Field's values
Github Security Advisory GHSA-2f37-9xpx-5hhw Fixes #10, PR #11
1 parent d7a51ff commit 30e5ae7

File tree

1 file changed

+1
-11
lines changed

1 file changed

+1
-11
lines changed

Diff for: LinkedCustomFields.API.php

+1-11
Original file line numberDiff line numberDiff line change
@@ -105,17 +105,7 @@ class JavascriptUtils {
105105
const LOG_ERROR = 4;
106106

107107
static function toJSArray( $p_array ) {
108-
109-
$t_field_values_js = '[ ';
110-
111-
foreach( $p_array as $t_custom_field_value ) {
112-
$t_field_values_js .= '"'.string_attribute( $t_custom_field_value ).'" ,';
113-
}
114-
115-
$t_field_values_js = rtrim( $t_field_values_js, ',' );
116-
$t_field_values_js .= ']';
117-
118-
return $t_field_values_js;
108+
return json_encode($p_array);
119109
}
120110

121111
static function consoleLog( $p_message, $p_level = self::LOG_INFO ) {

0 commit comments

Comments
 (0)