ajung/plone.app.discussion
0
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed possible cross site scripting (XSS) attack on moderate comments page.

Browse Source
This commit is contained in:
Maurits van Rees
2016-05-30 09:43:25 +02:00
parent 085567431f
commit e1dbaef82a
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
plone/app/discussion/browser/moderation.pt
+1 -1
View File
@@ -110,7 +110,7 @@
tal:content="item/in_response_to" />
</td>
<td>
<span tal:replace="structure item/Description" />
<span tal:replace="item/Description" />
<a href=""
tal:attributes="href string:${item/getURL}/getText"
tal:condition="python:item.Description.endswith('[...]')"