bugfix: avoid XSS in postion name presentation of invoice forms (LMS #…

…1910)
chilek · Apr 29, 2021 · 16ec40d · 16ec40d
1 parent f5bbe76
commit 16ec40d
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 3 deletions.
diff --git a/templates/default/invoice/invoicecontents.html b/templates/default/invoice/invoicecontents.html
@@ -107,7 +107,7 @@
                 <INPUT TYPE="text" class="invoice-contents-field-edit" NAME="invoice-contents[{$posuid}][name]" SIZE="40" style="width: 300px; display: none;"
                        value="{$row.name|escape}" data-old-value="{$item.name|escape}"
                        {tip text="Enter description"}>
-                <span class="invoice-contents-field-value">{$item.name}</span>
+                <span class="invoice-contents-field-value">{$item.name|escape}</span>
                 {if isset($item.name_custom_contents)}
                     {$item.name_custom_contents}
                 {/if}

diff --git a/templates/default/invoice/invoicenew.html b/templates/default/invoice/invoicenew.html
@@ -238,7 +238,7 @@ <H1>{$layout.pagetitle}</H1>
 			{section name=covenantlist loop=$covenantlist}
 				<TR class="highlight {cycle}">
 					<TD class="nobr">{$covenantlist[covenantlist].time|date_format:"%Y/%m/%d"}</TD>
-					<TD>{$covenantlist[covenantlist].comment}</TD>
+					<TD>{$covenantlist[covenantlist].comment|escape}</TD>
 					<td>
 						{tax_category_selection elementname="l_taxcategory[{$covenantlist[covenantlist].cashid}]"
 							tip="Select tax category"}

diff --git a/templates/default/invoice/invoicenotemodify.html b/templates/default/invoice/invoicenotemodify.html
@@ -316,7 +316,7 @@ <H1>{$layout.pagetitle}</H1>
 			</TD>
 			<TD>
 				{if $item.deleted}
-					<INPUT TYPE="hidden" VALUE="{$item.name|escape}" NAME="name[{$itemid}]">{$item.name}
+					<INPUT TYPE="hidden" VALUE="{$item.name|escape}" NAME="name[{$itemid}]">{$item.name|escape}
 				{else}
 					<INPUT TYPE="text" VALUE="{$item.name|escape}" NAME="name[{$itemid}]" SIZE="48">
 				{/if}