Bug 619648: (CVE-2010-4570) [SECURITY] XSS via summary in "possible duplicates"…

Bug 619648: (CVE-2010-4570) [SECURITY] XSS via summary in "possible duplicates" table due to lack of encoding by YUI [r=mkanat a=LpSolit]

Bug 619648: (CVE-2010-4570) [SECURITY] XSS via summary in "possible duplicates"…
078c4931 · Reed Loden · c283f5e7 · 078c4931
Commit 078c4931 authored Jan 24, 2011 by Reed Loden
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 1 deletion

create.html.tmpl template/en/default/bug/create/create.html.tmpl +2 -1

No files found.
--- a/template/en/default/bug/create/create.html.tmpl
+++ b/template/en/default/bug/create/create.html.tmpl
@@ -533,7 +533,8 @@ TUI_hide_default('attachment_text_field');
              { key: "id", label: "[% field_descs.bug_id FILTER js %]",
                formatter: YAHOO.bugzilla.dupTable.formatBugLink },
              { key: "summary", 
-                label: "[% field_descs.short_desc FILTER js %]" },
+                label: "[% field_descs.short_desc FILTER js %]",
+                formatter: "text" },
              { key: "status",
                label: "[% field_descs.bug_status FILTER js %]",
                formatter: YAHOO.bugzilla.dupTable.formatStatus },