Page MenuHomePhabricator

Properly escape output
Closed, ResolvedPublic

Description

Several places in the code values are passed on without being properly escaped by htmlspecialchars or similar.

Use this as a tracking bug for patchsets related to this problem.


Version: unspecified
Severity: normal

Details

Reference
bz40523

Event Timeline

bzimport raised the priority of this task from to Needs Triage.Nov 22 2014, 1:11 AM
bzimport set Reference to bz40523.
bzimport added a subscriber: Unknown Object (MLST).

Verified in Wikidata demo time for sprint 17