Congegni/sintonia
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

CC-4897: XSS exploit on library page

Browse source
This commit is contained in:
denise 2013-02-04 12:44:14 -05:00
parent 20a3f674b4
commit b45f71e8f9
2 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
airtime_mvc/application/views/scripts/playlist/update.phtml
View file

@ -8,6 +8,7 @@ if ($item['type'] == 2) {
$bl= new Application_Model_Block($item['item_id']);
$staticBlock = $bl->isStatic();
}
$item["track_title"] = $this->escape($item["track_title"]);
?>
<li class="ui-state-default" id="spl_<?php echo $item["id"] ?>" unqid="<?php echo $item["id"]; ?>">
<div class="list-item-container">