summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid Lawrence <dkl@mozilla.com>2016-05-10 15:52:59 +0200
committerDavid Lawrence <dkl@mozilla.com>2016-05-10 15:52:59 +0200
commit6a48e0211dec6ec2d5a73ad1982682b744fb3474 (patch)
treed9a5796f09e8489cf55dd54474c442e8c51c80d1
parentee3196e7a3c314413baa15dcddb4a5f9961630d7 (diff)
downloadbugzilla-6a48e0211dec6ec2d5a73ad1982682b744fb3474.tar.gz
bugzilla-6a48e0211dec6ec2d5a73ad1982682b744fb3474.tar.xz
Bug 1271635 - XSS when viewing image attachments
-rw-r--r--extensions/BugModal/web/bug_modal.js2
1 files changed, 1 insertions, 1 deletions
diff --git a/extensions/BugModal/web/bug_modal.js b/extensions/BugModal/web/bug_modal.js
index 2d7bb4764..e0ef40a13 100644
--- a/extensions/BugModal/web/bug_modal.js
+++ b/extensions/BugModal/web/bug_modal.js
@@ -1373,7 +1373,7 @@ function lb_show(el) {
.addClass('minor')
.text('Close')
.appendTo(overlay2);
- title.append(el.title);
+ title.text(el.title);
overlay.add(overlay2).click(lb_close);
img.add(overlay).animate({ opacity: 1 }, 200);
}