diff options
| author |   lpsolit%gmail.com <> | 2009-08-10 20:22:38 +0000 |
|---|---|---|
| committer | lpsolit%gmail.com <> | 2009-08-10 20:22:38 +0000 |
| commit | d9ba7fa16e8b0c7135408f52056783d0cb92e5c0 (patch) | |
| tree | ce95fe87c0248c8889aef2dfaba7f0f16c7b3c9e | |
| parent | Bug 507957: Bugzilla admins should not create templates in the "default" dire... (diff) | |
| download | bugzilla-d9ba7fa16e8b0c7135408f52056783d0cb92e5c0.tar.gz bugzilla-d9ba7fa16e8b0c7135408f52056783d0cb92e5c0.tar.bz2 bugzilla-d9ba7fa16e8b0c7135408f52056783d0cb92e5c0.zip | |
Bug 503980: show_bug.cgi doesn't properly escape <!-- inside bug summary - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit
| -rw-r--r-- | Bugzilla/Template.pm | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm index c8ce711b8..89d94c024 100644 --- a/Bugzilla/Template.pm +++ b/Bugzilla/Template.pm @@ -514,6 +514,7 @@ sub create { $var =~ s/\n/\\n/g; $var =~ s/\r/\\r/g; $var =~ s/\@/\\x40/g; # anti-spam for email addresses + $var =~ s/</\\x3c/g; return $var; }, |