Fix 1292 - Avoid XSS (#1297)

* Fix 1292 - Avoid XSS * Fix XSS on EffectConfiguration
2025-03-01 10:33:28 +00:00 · 2021-08-19 08:52:17 +02:00
parent 0227694d20
commit bd3e12d3ac
5 changed files with 11 additions and 7 deletions
--- a/assets/webconfig/js/content_network.js
+++ b/assets/webconfig/js/content_network.js
@@ -210,7 +210,7 @@ $(document).ready( function() {
 	}

 	$('#btn_create_tok').off().on('click',function() {
-		requestToken($('#tok_comment').val())
+    requestToken(encodeHTML($('#tok_comment').val()))
 		$('#tok_comment').val("")
 		$('#btn_create_tok').attr('disabled', true)
 	});