stable

Clone or download

Read-only

Fix request #7118: List values are not properly sanitized in changesets

If a value contains some html code in its label (like <b>) and it is displayed in the follow-up comments as a change, then it is interpreted by the browser and may pollute the rendering. Change-Id: I9b14a32390d91914d6a151bf73fcbd6833d85654

Modified Files

Name
M plugins/tracker/include/Tracker/Artifact/Tracker_Artifact_ChangesetValue_List.class.php +65 −31 Go to diff View file
M plugins/tracker/tests/Tracker_Artifact_ChangesetValue_ListTest.php +17 −1 Go to diff View file