From 6066ff31980fddc2eb97b987c5bbd1a931495f1e Mon Sep 17 00:00:00 2001 From: Manish Goregaokar Date: Thu, 17 Apr 2014 18:37:11 +0200 Subject: Bug 968576: [SECURITY] Dangerous control characters allowed in Bugzilla text r=glob a=justdave --- template/en/default/request/email.txt.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'template/en/default/request/email.txt.tmpl') diff --git a/template/en/default/request/email.txt.tmpl b/template/en/default/request/email.txt.tmpl index fb957484b..65946a1e1 100644 --- a/template/en/default/request/email.txt.tmpl +++ b/template/en/default/request/email.txt.tmpl @@ -84,7 +84,7 @@ Attachment [% attidsummary %] [%-# .defined is necessary to avoid a taint issue in Perl < 5.10.1, see bug 509794. %] [% IF Bugzilla.cgi.param("comment").defined && Bugzilla.cgi.param("comment").length > 0 %] ------- Additional Comments from [% user.identity %] -[%+ Bugzilla.cgi.param("comment") %] +[%+ Bugzilla.cgi.param("comment") FILTER strip_control_chars %] [% END %] [%- END %] -- cgit v1.2.3-24-g4f1b