mirror of
https://github.com/pandorafms/pandorafms.git
synced 2025-07-28 16:24:54 +02:00
Merge branch 'ent-7647-vulnerabilidad-xss-en.nombre.filtro-eventos' into 'develop'
Fixedd XSS on load filter event name See merge request artica/pandorafms!4174
This commit is contained in:
commit
77d00fd9e2
@ -1498,7 +1498,7 @@ try {
|
||||
$active_filters_div .= '<div class="label box-shadow">'.__('Current filter').'</div>';
|
||||
$active_filters_div .= '<div id="current_filter" class="content">';
|
||||
if ($loaded_filter !== false) {
|
||||
$active_filters_div .= io_safe_output($loaded_filter['id_name']);
|
||||
$active_filters_div .= htmlentities(io_safe_output($loaded_filter['id_name']));
|
||||
} else {
|
||||
$active_filters_div .= __('Not set.');
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user