Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

FIX CVE XSS on company name reported by Belabed Skander from Akerva

Browse Source
This commit is contained in:
Laurent Destailleur
2023-07-12 22:24:00 +02:00
parent 9b5264a4fd
commit bcaad48cf2
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/societe/class/societe.class.php
View File

@@ -2690,9 +2690,9 @@ class Societe extends CommonObject
$label .= $this->getTypeUrl(1);
}
$label .= '<br><b>'.$langs->trans('Name').':</b> '.dol_escape_htmltag($this->name);
$label .= '<br><b>'.$langs->trans('Name').':</b> '.dol_escape_htmltag(dol_string_nohtmltag($this->name));
if (!empty($this->name_alias)) {
$label .= ' ('.dol_escape_htmltag($this->name_alias).')';
$label .= ' ('.dol_escape_htmltag(dol_string_nohtmltag($this->name_alias)).')';
}
if ($this->email) {