Commit 4763c6446e029f45e61a1def9252d8d74337e334
1 parent
876c831c
KTS-2178
"cross site scripting" Updated. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6941 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
2 additions
and
2 deletions
templates/ktcore/forms/widgets/fieldset.smarty
| 1 | <fieldset> | 1 | <fieldset> |
| 2 | {if $label}<legend>{$label}</legend>{/if} | 2 | {if $label}<legend>{$label}</legend>{/if} |
| 3 | - {if $description}<p class="descriptiveText">{$description}</p>{/if} | ||
| 4 | - | 3 | + {if $description}<p class="descriptiveText">{$description|sanitize}</p>{/if} |
| 4 | + | ||
| 5 | {$widgets} | 5 | {$widgets} |
| 6 | </fieldset> | 6 | </fieldset> |