Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

- Patch #669062 by Damien Tournoud and security team: fixed SA-CORE-2009-009: menu description XSS.

merge-requests/26/head
Dries Buytaert 2009-12-28 20:51:18 +00:00
parent 13dacbc27f
commit e174039d6f
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
modules/system/system.admin.inc
View File

@ -2342,7 +2342,7 @@ function theme_admin_block_content($variables) {
$output = '<dl class="admin-list">';
foreach ($content as $item) {
$output .= '<dt>' . l($item['title'], $item['href'], $item['localized_options']) . '</dt>';
$output .= '<dd>' . $item['description'] . '</dd>';
$output .= '<dd>' . filter_xss_admin($item['description']) . '</dd>';
}
$output .= '</dl>';
}