Missing htmlspecialchars for link title render_textpic
When an image is inserted with a title that contains special chars (like quotes), the title tag of the image tag is escaped correctly.
But the title tag of the surrounding link (tested in lightbox mode) is not escaped!
The reason seems to be the initialization of the $GLOBALS['TSFE']->ATagParams variable in line 668 in the render_textpic() method in the
$GLOBALS['TSFE']->ATagParams .= ' title="' . $titleText . '"';
As far as I can see it should be used like this:
$GLOBALS['TSFE']->ATagParams .= ' title="' . htmlspecialchars($titleText) . '"';
It does not seem to be a security issue because script tags used in the image title are stripped out.
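An added example, not part of the original report and not TYPO3 code: it builds the title parameter both ways shown above and parses the resulting link to check whether the title attribute still equals the text that was entered. The helper names, the sample title and the image.jpg href are assumptions made for the illustration.

```php
<?php
// Added illustration, not TYPO3 code. buildTitleParam() and linkAttributes()
// are hypothetical helpers; the title and href are constructed sample values.

// Mirrors the concatenation into ATagParams, with or without escaping.
function buildTitleParam(string $titleText, bool $escape): string
{
    // htmlspecialchars() turns " into &quot; with its default flags,
    // so the value cannot end the double-quoted attribute early.
    $value = $escape ? htmlspecialchars($titleText) : $titleText;
    return ' title="' . $value . '"';
}

// Parses the rendered link and returns its attributes as name => value.
function linkAttributes(string $aTagParams): array
{
    $previous = libxml_use_internal_errors(true); // malformed markup is expected here
    $doc = new DOMDocument();
    $doc->loadHTML('<a href="image.jpg"' . $aTagParams . '>image</a>');
    libxml_clear_errors();
    libxml_use_internal_errors($previous);

    $attributes = [];
    foreach ($doc->getElementsByTagName('a')->item(0)->attributes as $attr) {
        $attributes[$attr->name] = $attr->value;
    }
    return $attributes;
}

$titleText = 'Sunset "golden hour" at the pier'; // constructed sample title

foreach ([false, true] as $escape) {
    $attributes = linkAttributes(buildTitleParam($titleText, $escape));
    // The check a regression test would make: the parsed title must round-trip.
    $intact = ($attributes['title'] ?? null) === $titleText;
    printf(
        "%s: title %s, attributes seen: %s\n",
        $escape ? 'escaped' : 'unescaped',
        $intact ? 'intact' : 'altered',
        implode(', ', array_keys($attributes))
    );
}
```

Without escaping, the first quote inside the title closes the attribute value, so the remaining text is parsed as part of the tag rather than as title text.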