From aecf0a17d1689d957bc8854e55e499839798446f Mon Sep 17 00:00:00 2001
From: Frédéric Buclin
Date: Tue, 13 Nov 2012 18:53:55 +0100
Subject: Bug 790296 (CVE-2012-4189): [SECURITY] Field values are not escaped correctly in tabular reports
r=dkl a=LpSolit
---
template/en/default/reports/report-table.html.tmpl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'template')
diff --git a/template/en/default/reports/report-table.html.tmpl b/template/en/default/reports/report-table.html.tmpl
index 0e6193c25..466a87d9f 100644
--- a/template/en/default/reports/report-table.html.tmpl
+++ b/template/en/default/reports/report-table.html.tmpl
@@ -85,7 +85,7 @@ YAHOO.util.Event.addListener(window, "load", function() {
 var myColumnDefs = [
 {key:"row_title", label:"", sortable:true, sortOptions: { sortFunction:totalNumberSorter }},
 [% FOREACH col = col_names %]
- {key:"[% col FILTER js %]", label:"[% display_value(col_field, col) FILTER js %]", sortable:true,
+ {key:"[% col FILTER js %]", label:"[% display_value(col_field, col) FILTER html FILTER js %]", sortable:true,
 formatter:this.Linkify, sortOptions: { defaultDir: YAHOO.widget.DataTable.CLASS_DESC, sortFunction:totalNumberSorter }},
 [% END %]
 {key:"total", label:"Total", sortable:true, formatter:this.LinkifyTotal,
-- cgit v1.2.3-24-g4f1b
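Review bot: Only the `label` on the changed line gains `FILTER html`; the `key` on the same line, also derived from `col`, still passes through `FILTER js` alone, so it is worth confirming whether the DataTable widget ever places the column key into markup (header id or class name, for instance) and, if it does, applying the same chain there. The filter order is the security-relevant part and is not explained anywhere in the hunk: HTML-escaping must happen before JS-escaping so the entities survive inside the string literal and reach the header as inert text; a short template comment such as `[%# html before js: the label is inserted into the header as markup, the js filter only protects the string literal %]` would keep a later edit from reordering or dropping one of the two. Whether the other cells this template builds from `display_value` (row titles, totals) are rendered the same way cannot be judged from this hunk and would need a look at the rest of the file. The enclosing `addListener` callback and the `myColumnDefs` array both start and end outside the hunk.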