From faea99278d6d0dcc682e017e637c901d7a7fef4e Mon Sep 17 00:00:00 2001
From: root <you@example.com>
Date: Thu, 28 Mar 2024 12:50:55 +0530
Subject: [PATCH] #Fixes::156769998::Chaitanya N::XSS Payload in User's Last
 name and First name issue is fixed

---
 include/utils/VtlibUtils.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/include/utils/VtlibUtils.php b/include/utils/VtlibUtils.php
index 762cf4e53..23bab2d18 100644
--- a/include/utils/VtlibUtils.php
+++ b/include/utils/VtlibUtils.php
@@ -882,10 +882,10 @@ function jsEscape($str) {
         switch ($chr) {
             case "'":
             case '"':
-            case "\n";
-            case "\r";
-            case "&";
-            case "\\";
+            case "\n":
+            case "\r":
+            case "&":
+            case "\\":
             case "<":
             case ">":
                 $output .= sprintf("\\u%04x", $chrNum);
-- 
GitLab