You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Konrad Windszus (Jira)" <ji...@apache.org> on 2020/01/07 13:09:00 UTC
[jira] [Created] (SLING-8966) Escape all dynamic variables
Konrad Windszus created SLING-8966:
--------------------------------------
Summary: Escape all dynamic variables
Key: SLING-8966
URL: https://issues.apache.org/jira/browse/SLING-8966
Project: Sling
Issue Type: Improvement
Components: Installer
Affects Versions: Installer Console 1.0.2
Reporter: Konrad Windszus
Assignee: Konrad Windszus
Fix For: Installer Console 1.0.4
There should be protection against HTML in dynamic variables as discussed in https://issues.apache.org/jira/browse/SLING-5746?focusedCommentId=17009675&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-17009675
--
This message was sent by Atlassian Jira
(v8.3.4#803005)