- Patch #669062 by Damien Tournoud and security team: fixed SA-CORE-2009-009: menu description XSS.
parent
13dacbc27f
commit
e174039d6f
|
@ -2342,7 +2342,7 @@ function theme_admin_block_content($variables) {
|
||||||
$output = '<dl class="admin-list">';
|
$output = '<dl class="admin-list">';
|
||||||
foreach ($content as $item) {
|
foreach ($content as $item) {
|
||||||
$output .= '<dt>' . l($item['title'], $item['href'], $item['localized_options']) . '</dt>';
|
$output .= '<dt>' . l($item['title'], $item['href'], $item['localized_options']) . '</dt>';
|
||||||
$output .= '<dd>' . $item['description'] . '</dd>';
|
$output .= '<dd>' . filter_xss_admin($item['description']) . '</dd>';
|
||||||
}
|
}
|
||||||
$output .= '</dl>';
|
$output .= '</dl>';
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue