Merge branch 'ent-7647-vulnerabilidad-xss-en.nombre.filtro-eventos' into 'develop'

Fixedd XSS on load filter event name

See merge request artica/pandorafms!4174
This commit is contained in:
Daniel Rodriguez 2021-08-09 09:00:15 +00:00
commit 77d00fd9e2

View File

@ -1498,7 +1498,7 @@ try {
$active_filters_div .= '<div class="label box-shadow">'.__('Current filter').'</div>';
$active_filters_div .= '<div id="current_filter" class="content">';
if ($loaded_filter !== false) {
$active_filters_div .= io_safe_output($loaded_filter['id_name']);
$active_filters_div .= htmlentities(io_safe_output($loaded_filter['id_name']));
} else {
$active_filters_div .= __('Not set.');
}