Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-4026

First Name, Last Name and Job Title Not Escaping HTML In The Enterprise Admin Portlet

    Details

    • Type: Bug
    • Status: Closed
    • Resolution: Fixed
    • Affects Version/s: 5.1.2
    • Fix Version/s: 5.1.2
    • Component/s: None
    • Labels:
      None
    • Environment:
      5.1.x
    • Branch Version/s:
      5.1.x
    • Backported to Branch:
      Committed

      Description

      When HTML text is saved in the first name, last name, or job title field, the enterprise admin portlet did not escape the HTML tags upon displaying. The file view_users.jsp was modified to include the HtmlUtil.escape call on those fields.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              wesley.gong Wesley Gong
              Reporter:
              wesley.gong Wesley Gong
              Participants of an Issue:
              Recent user:
              Esther Sanz
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Days since last comment:
                11 years, 36 weeks, 4 days ago

                  Packages

                  Version Package
                  5.1.2