]> git.ipfire.org Git - thirdparty/bugzilla.git/commitdiff
projects / thirdparty / bugzilla.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3db2830)
Bug 503980: show_bug.cgi doesn't properly escape <!-- inside bug summary - Patch...
authorlpsolit%gmail.com <>
Mon, 10 Aug 2009 20:22:38 +0000 (20:22 +0000)
committerlpsolit%gmail.com <>
Mon, 10 Aug 2009 20:22:38 +0000 (20:22 +0000)
Bugzilla/Template.pm patch | blob | blame | history

diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm
index c8ce711b83d4e0c739f6a56d42cad835f451c5c2..89d94c0245dd83d1fe6a9efb28de8c6c778c80c5 100644 (file)
--- a/Bugzilla/Template.pm
+++ b/Bugzilla/Template.pm
@@ -514,6 +514,7 @@ sub create {
                 $var =~ s/\n/\\n/g;
                 $var =~ s/\r/\\r/g;
                 $var =~ s/\@/\\x40/g; # anti-spam for email addresses
+                $var =~ s/</\\x3c/g;
                 return $var;
             },
             
Mirror of https://github.com/bugzilla/bugzilla.git