[LPS-107889] Double escape of username in ControlPanel - Liferay Issues

XML

Word

Printable

Details

Type: Bug
Status: Closed
Resolution: Fixed
Affects Version/s: 7.0.0 DXP FP89, 7.0.X, 7.1.10 DXP FP16, 7.1.X, 7.2.10 DXP FP3, 7.2.10 DXP FP4, 7.2.X, 7.3.0 CE GA1, Master
Fix Version/s: 7.0.0 DXP FP91, 7.0.10.14 DXP SP14, 7.0.X, 7.1.10 DXP FP18, 7.1.10.5 SP5, 7.1.X, 7.2.10 DXP FP5, 7.2.10.2 DXP SP2, 7.2.X, 7.3.1 CE GA2, 7.3.2 CE GA3, 7.3.10 DXP GA1, Master
Component/s: User Management > Users & Organizations
Labels:

Branch Version/s:

7.2.x, 7.1.x, 7.0.x
Backported to Branch:

Committed
Fix Priority:
3
Git Pull Request:
https://github.com/brianchandotcom/liferay-portal/pull/86244

Description

I'm setting this to Security Level "secure", as it contains information that could point to LPS-103439 in the screenshot

Insert Username with HTML embedded
Edit user in Control Panel
Observe erroneous escaping as marked in Screenshot

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

Fixed.png
28 kB
15/Mar/20 7:33 PM
image-2020-01-30-15-19-05-132.png
144 kB
30/Jan/20 6:19 AM

Activity

People

Assignee:: Sharry Shi

Reporter:: Olaf Kock

Participants of an Issue:: Olaf Kock, Sharry Shi, Tibor Lipusz

Recent user:: Yunlin "Steven" Sun

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 30/Jan/20 6:19 AM

Updated:: 17/Dec/20 12:39 AM

Resolved:: 13/Mar/20 10:22 AM

Days since last comment:: 41 weeks, 2 days ago

Packages

Version	Package
7.0.0 DXP FP91
7.0.10.14 DXP SP14
7.0.X
7.1.10 DXP FP18
7.1.10.5 SP5
7.1.X
7.2.10 DXP FP5
7.2.10.2 DXP SP2
7.2.X
7.3.1 CE GA2
7.3.2 CE GA3
7.3.10 DXP GA1
Master