Page MenuHomePhabricator

Insufficient output escaping
Closed, ResolvedPublic

Description

Both in JS and PHP:

56         html += '<a href="' + historyLink + '" title="' + mw.msg( 'lastmodified-title-tag' ) + '">';
57         html += lastModifiedText;


45                 $out->addHTML( wfMsg( 'lastmodified-options' ) );
49                 $out->addHTML( wfMsg( 'lastmodified-display-range-value' ) . ' ' . $wgLastModifiedRange );
81                 $out->addHTML( $rangeMessage );

Version: unspecified
Severity: normal

Details

Reference
bz37897

Event Timeline

bzimport raised the priority of this task from to Needs Triage.Nov 22 2014, 12:24 AM
bzimport added a project: LastModified.
bzimport set Reference to bz37897.
bzimport added a subscriber: Unknown Object (MLST).

Gerrit change #12838

Thanks for reporting.

change merged. Ori, can this be closed?