Skip to content

Commit

Permalink
bugfix: avoid XSS in node list (LMS #1910)
Browse files Browse the repository at this point in the history
  • Loading branch information
@chilek
chilek committed Jun 1, 2021
1 parent 9d0add7 commit 4e2515d
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions templates/default/node/nodelist.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -244,16 +244,16 @@ <H1>{$layout.pagetitle}</H1>
{icon name="nodeunk"}
{/if}
{if $node.info}
{icon name="info" tip=$node.info}
{icon name="info" tip=$node.info|escape}
{/if}
{$node.name}</A>{if $node.locked}{icon name="lock" tip="<!node>lock is active" class="node-lock-icon"}{/if}</span>
{$node.name|escape}</A>{if $node.locked}{icon name="lock" tip="<!node>lock is active" class="node-lock-icon"}{/if}</span>
<br>
<span class="nobr{if ! $node.access} blend{/if}">
{icon name="customer"}
<a href="?m=customerinfo&id={$node.ownerid}"
class="lms-ui-hint-rollover"
data-url="?m=customerinfoshort&id={$node.ownerid}">
{$node.owner|truncate:40:"&hellip;":true|replace:" ":"&nbsp;"}
{$node.owner|trunescape:40}
</a>
</span>
</TD>
Expand Down

0 comments on commit 4e2515d

Please sign in to comment.