Commit 84110a7cbd7b765e323658c1141873fb1747b47b
1 parent
0dc513e2
KTS-2178
"cross site scripting" Updated. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6934 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
6 additions
and
6 deletions
templates/ktcore/bulk_action_listing.smarty
| ... | ... | @@ -17,8 +17,8 @@ |
| 17 | 17 | <tbody> |
| 18 | 18 | {foreach from=$failed.folders item=item} |
| 19 | 19 | <tr class="{cycle values=even,odd}"> |
| 20 | - <td>{$item.0}</td> | |
| 21 | - <td>{$item.1}</td> | |
| 20 | + <td>{$item.0|sanitize}</td> | |
| 21 | + <td>{$item.1|sanitize}</td> | |
| 22 | 22 | </tr> |
| 23 | 23 | {/foreach} |
| 24 | 24 | </tbody> |
| ... | ... | @@ -43,8 +43,8 @@ |
| 43 | 43 | |
| 44 | 44 | {foreach from=$failed.documents item=item} |
| 45 | 45 | <tr class="{cycle values=even,odd}"> |
| 46 | - <td>{$item.0}</td> | |
| 47 | - <td>{$item.1}</td> | |
| 46 | + <td>{$item.0|sanitize}</td> | |
| 47 | + <td>{$item.1|sanitize}</td> | |
| 48 | 48 | </tr> |
| 49 | 49 | {/foreach} |
| 50 | 50 | </tbody> |
| ... | ... | @@ -59,7 +59,7 @@ |
| 59 | 59 | <h3>{i18n}Folders{/i18n}</h3> |
| 60 | 60 | <ul> |
| 61 | 61 | {foreach from=$folders item=folder} |
| 62 | -<li>{$folder}</li> | |
| 62 | +<li>{$folder|sanitize}</li> | |
| 63 | 63 | {/foreach} |
| 64 | 64 | </ul> |
| 65 | 65 | {/if} |
| ... | ... | @@ -68,7 +68,7 @@ |
| 68 | 68 | <h3>{i18n}Documents{/i18n}</h3> |
| 69 | 69 | <ul> |
| 70 | 70 | {foreach from=$documents item=document} |
| 71 | -<li>{$document}</li> | |
| 71 | +<li>{$document|sanitize}</li> | |
| 72 | 72 | {/foreach} |
| 73 | 73 | </ul> |
| 74 | 74 | {/if} | ... | ... |