tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-06-30 00:19:25 +02:00
Code Issues Projects Releases Wiki Activity

BUG Fix potential XSS injection

Browse Source
This commit is contained in:
Damian Mooyman 2015-07-01 17:41:07 +12:00
parent fd755a7ff9
commit 6fabd0122b
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
security/ChangePasswordForm.php
View File

@ -129,7 +129,7 @@ class ChangePasswordForm extends Form {
_t(
'Member.INVALIDNEWPASSWORD',
"We couldn't accept that password: {password}",
array('password' => nl2br("\n".$isValid->starredList()))
array('password' => nl2br("\n".Convert::raw2xml($isValid->starredList())))
),
"bad",
false