LimeSurvey: master 4438de15

Diff Back to Repository
Author Committer Branch Timestamp Parent
DenisChenu DenisChenu master 2016-01-26 15:26:45 master 480515da
Affected Issues  10251: LimeSurvey 2.06 Build 160123 Reflected XSS
Changeset

Fixed issue #10251: [security] Reflected XSS in admin (Thanks to Kacper Szurek - http://security.szurek.pl/ )
Dev: sanitize_paranoid_string but can use CHtml::encode
Dev: sFieldText is used only for title in view : encode
mod - application/controllers/admin/htmleditor_pop.php Diff File