Project

General

Profile

Actions
Copy link

Bug #18604

closed

Menu creation has empty defaults which could lead to problems

Added by Steffen Kamper over 16 years ago. Updated about 11 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2008-04-11
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
4.2
PHP Version:
5.2
Tags:
Complexity:
Is Regression:
No
Sprint Focus:

Description

If you set pagetitle to
Any title <script>alert("bad message");</script>

you can destroy a page because any access to FE will execute the Javascript

patch adds HSC if stdWrap-Array is empty
(issue imported from #M8090)

Files

8090_menu_defaultHSC.diff (873 Bytes) 8090_menu_defaultHSC.diff Administrator Admin, 2008-04-11 11:32
Actions
Copy link
 #1

Updated by Alexander Opitz over 11 years ago

  • Status changed from New to Needs Feedback
  • Target version deleted (0)

The issue is very old, does this issue exists in newer versions of TYPO3 CMS (4.5 or 6.1)?

Actions
Copy link
 #2

Updated by Alexander Opitz about 11 years ago

  • Status changed from Needs Feedback to Closed
  • Is Regression set to No

No feedback for over 90 days.

Actions
Copy link

Also available in: Atom PDF