diff options
author | lpsolit%gmail.com <> | 2009-08-10 20:20:25 +0000 |
---|---|---|
committer | lpsolit%gmail.com <> | 2009-08-10 20:20:25 +0000 |
commit | 918a8c245f8d0d7d0926a015aa9a4940c14ebdd3 (patch) | |
tree | 70e25946c932f933c1b3bf7c6e86382b0a0c5969 | |
parent | 7bc9c2e3da4e735b7ca2f35c503a332f681f66d5 (diff) | |
download | bugs-918a8c245f8d0d7d0926a015aa9a4940c14ebdd3.tar bugs-918a8c245f8d0d7d0926a015aa9a4940c14ebdd3.tar.gz bugs-918a8c245f8d0d7d0926a015aa9a4940c14ebdd3.tar.bz2 bugs-918a8c245f8d0d7d0926a015aa9a4940c14ebdd3.tar.xz bugs-918a8c245f8d0d7d0926a015aa9a4940c14ebdd3.zip |
Bug 503980: show_bug.cgi doesn't properly escape <!-- inside bug summary - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit
-rw-r--r-- | Bugzilla/Template.pm | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm index f90e472b5..49954a521 100644 --- a/Bugzilla/Template.pm +++ b/Bugzilla/Template.pm @@ -520,6 +520,7 @@ sub create { $var =~ s/\n/\\n/g; $var =~ s/\r/\\r/g; $var =~ s/\@/\\x40/g; # anti-spam for email addresses + $var =~ s/</\\x3c/g; return $var; }, |