Edgewall Software
Modify

Opened 20 years ago

Closed 20 years ago

#778 closed defect (fixed)

Logged in username not escaped

Reported by: Mark Rowe <bdash@…> Owned by: Christopher Lenz
Priority: lowest Milestone: 0.8
Component: general Version: devel
Severity: trivial Keywords:
Cc: Branch:
Release Notes:
API Changes:
Internal Changes:

Description

When a user is logged in with a username that contains HTML characters such as "<" and ">", they are not correctly escaped when the username is displayed above the navigation in the text "Logged in as username".

Attachments (0)

Change History (3)

comment:1 by daniel, 20 years ago

Milestone: 0.8
Priority: normallowest
Severity: normaltrivial

comment:2 by Christopher Lenz, 20 years ago

Owner: changed from Jonas Borgström to Christopher Lenz
Status: newassigned
Summary: HTML Entities not escaped in logged in usernameLogged in username not escaped

comment:3 by Christopher Lenz, 20 years ago

Resolution: fixed
Status: assignedclosed

Fixed in [958].

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Christopher Lenz.
The resolution will be deleted. Next status will be 'reopened'.
to The owner will be changed from Christopher Lenz to the specified user.

Add Comment


E-mail address and name can be saved in the Preferences .
 
Note: See TracTickets for help on using tickets.