fix: [xss] resolved in the genericField of the single view

- as reported by SK-CERT
2022-09-18 18:27:39 +02:00 · 2022-09-18 18:27:39 +02:00 · 09ff4eba53
parent 85e8a35091
commit 09ff4eba53
1 changed files with 3 additions and 1 deletions
--- a/templates/element/genericElements/SingleViews/Fields/genericField.php
+++ b/templates/element/genericElements/SingleViews/Fields/genericField.php
@ -22,7 +22,9 @@ if (!empty($field['url'])) {
        '<a href="%s%s">%s</a>',
        $baseurl,
        h($field['url']),
-        $string
+        h($string)
    );
+} else {
+    $string = h($string);
 }
 echo $string;