Merge pull request #123 from solspace/fix/SFT-897-vuln
[SFT-897]: patching submissions index vulnerability
kjmartens authored Feb 13, 2024
2 parents 9405da6 + 77848e0 commit 42facd0
Showing 2 changed files with 7 additions and 3 deletions.
6 changes: 3 additions & 3 deletions composer.json
@@ -1,6 +1,6 @@
{
"name": "solspace/craft-express-forms",
"description": "Intuitive and lightweight form builder that gets the job done but doesn't get in your way.",
"description": "Intuitive and lightweight form builder.",
"version": "2.0.2",
"type": "craft-plugin",
"keywords": [
@@ -17,7 +17,7 @@
],
"support": {
"email": "support@solspace.com",
"issues": "https://github.com/solspace/craft-express-forms/issues?state=open",
"issues": "https://github.com/solspace/craft-express-forms/issues",
"source": "https://github.com/solspace/craft-express-forms",
"docs": "https://docs.solspace.com/craft/express-forms/v2/"
},
@@ -57,7 +57,7 @@
"developer": "Solspace",
"developerUrl": "https://docs.solspace.com/",
"documentationUrl": "https://docs.solspace.com/craft/express-forms/v2/",
"changelogUrl": "https://raw.githubusercontent.com/solspace/craft-express-forms/master/CHANGELOG.md",
"changelogUrl": "https://raw.githubusercontent.com/solspace/craft-express-forms/v2/CHANGELOG.md",
"hooks": {
"pre-commit": [
"set -e",
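--- a/packages/plugin/src/elements/Submission.php
+++ b/packages/plugin/src/elements/Submission.php
@@ -192,6 +192,10 @@ public function getTableAttributeHtml(string $attribute): string
 }
 }
 
+if (\is_string($value)) {
+$value = htmlentities($value, \ENT_QUOTES);
+}
+
 return $value ?? '';
 }
 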
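Review bot: The new escape in getTableAttributeHtml() only runs when `$value` is already a string, so a value that reaches `return $value ?? ''` as a Stringable object would be cast by the `string` return type without being encoded (assuming the file does not declare strict types, which the hunk does not show). Any earlier `return` in the branches above the hunk would skip the encoding as well; the function starts outside the hunk, so that needs checking against the full body. The call also omits `ENT_SUBSTITUTE` and an explicit charset, so with the default UTF-8 charset a submission value containing an invalid byte sequence makes `htmlentities()` return an empty string and the cell renders blank; `$value = htmlspecialchars($value, \ENT_QUOTES | \ENT_SUBSTITUTE, 'UTF-8');` avoids that. A regression test that stores a submission value containing markup and asserts the index cell output is encoded would keep this fix from being lost in a later refactor.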
