Skip to content
Snippets Groups Projects
Commit faea9927 authored by root's avatar root
Browse files

#Fixes::156769998::Chaitanya N::XSS Payload in User's Last name and First name issue is fixed

parent 805eac2c
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
include/utils/VtlibUtils.php
+ 4
4
View file @ faea9927
...@@ -882,10 +882,10 @@ function jsEscape($str) { ...@@ -882,10 +882,10 @@ function jsEscape($str) {
switch ($chr) { switch ($chr) {
case "'": case "'":
case '"': case '"':
case "\n"; case "\n":
case "\r"; case "\r":
case "&"; case "&":
case "\\"; case "\\":
case "<": case "<":
case ">": case ">":
$output .= sprintf("\\u%04x", $chrNum); $output .= sprintf("\\u%04x", $chrNum);
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Copyright 2023 Vtiger. All rights reserved.