diff options
| author | Dylan William Hardison <dylan@hardison.net> | 2016-05-13 13:34:19 -0400 |
|---|---|---|
| committer | Dylan William Hardison <dylan@hardison.net> | 2016-05-13 13:35:22 -0400 |
| commit | a59f1e99c2285b2802a3da45658095b121d0f5cb (patch) | |
| tree | 920f18b47b0c1d815b759edd9a3ad07286813c42 | |
| parent | 6c705e8c42e723e39037037ddd4617b072143eb5 (diff) | |
| download | bugs-a59f1e99c2285b2802a3da45658095b121d0f5cb.tar bugs-a59f1e99c2285b2802a3da45658095b121d0f5cb.tar.gz bugs-a59f1e99c2285b2802a3da45658095b121d0f5cb.tar.bz2 bugs-a59f1e99c2285b2802a3da45658095b121d0f5cb.tar.xz bugs-a59f1e99c2285b2802a3da45658095b121d0f5cb.zip | |
Bug 1250114 - XSS possible in extensions calling global/tabs.html.tmpl if tab.link is user-controlled
| -rw-r--r-- | template/en/default/global/tabs.html.tmpl | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/template/en/default/global/tabs.html.tmpl b/template/en/default/global/tabs.html.tmpl index 9cf5a897b..511640477 100644 --- a/template/en/default/global/tabs.html.tmpl +++ b/template/en/default/global/tabs.html.tmpl @@ -25,7 +25,7 @@ [% tab.label FILTER html %]</td> [% ELSE %] <td id="tab_[% tab.name FILTER html %]" class="clickable_area" - onClick="document.location='[% tab.link FILTER html %]'"> + onClick="document.location='[% tab.link FILTER js FILTER html %]'"> <a href="[% tab.link FILTER html %]">[% tab.label FILTER html %]</a> </td> [% END %] |