LimeSurvey: master 4438de15

Diff Back to Repository
Author Committer Branch Timestamp Parent
DenisChenu DenisChenu master 2016-01-26 16:26 master 480515da
Changeset

Fixed issue #10251: [security] Reflected XSS in admin (Thanks to Kacper Szurek - http://security.szurek.pl/ )
Dev: sanitize_paranoid_string but can use CHtml::encode
Dev: sFieldText is used only for title in view : encode
mod - application/controllers/admin/htmleditor_pop.php Diff File