Project

General

Profile

Actions

Bug #35450

closed

Extensions may introduce Cross-Site Scripting

Added by Helmut Hummel over 12 years ago. Updated over 12 years ago.

Status:
Rejected
Priority:
Won't have this time
Assignee:
-
Category:
-
Target version:
-
Start date:
2012-04-01
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
6.0
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

Problem:
Poorly programmed extensions may introduce Cross-Site Scripting to the site, which is bad.

Solution:
Properly HTML escape the output on a central place to avoid that.

Credits:
Thanks to Rupi for the great suggestions how to solve this.

Actions

Also available in: Atom PDF