Congegni/sintonia
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

CC-4897: XSS exploit on library page

Browse source 
-fixed where this was happening on Calendar - show content
This commit is contained in:
denise 2013-02-04 12:12:57 -05:00
parent d63865625d
commit 20a3f674b4
2 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
airtime_mvc/application/controllers/ScheduleController.php
View file

@ -479,7 +479,7 @@ class ScheduleController extends Zend_Controller_Action
$this->view->percentFilled = $show->getPercentScheduled();
$this->view->showContent = $show->getShowListContent();
$this->view->dialog = $this->view->render('schedule/show-content-dialog.phtml');
$this->view->showTitle = $show->getName();
$this->view->showTitle = htmlspecialchars($show->getName());
unset($this->view->showContent);
}