CGM_Public/pretix_original
2
0
Fork 1
mirror of https://github.com/pretix/pretix.git synced 2026-05-09 15:54:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

[SECURITY] Fix stored XSS in question errors

Browse Source
This commit is contained in:
Raphael Michel
2022-02-17 22:23:44 +01:00
committed by Raphael Michel
parent 482968175b
commit 6d6883b343
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/pretix/static/pretixpresale/js/ui/main.js
View File

@@ -219,7 +219,10 @@ $(function () {
// multi-input fields have a role=group with aria-labelledby // multi-input fields have a role=group with aria-labelledby
var label = this.hasAttribute("aria-labelledby") ? $("#" + this.getAttribute("aria-labelledby")) : $("[for="+target.attr("id")+"]"); var label = this.hasAttribute("aria-labelledby") ? $("#" + this.getAttribute("aria-labelledby")) : $("[for="+target.attr("id")+"]");
content.append("<li><a href='#" + target.attr("id") + "'>" + label.get(0).childNodes[0].nodeValue + "</a>: "+desc.text()+"</li>"); var $li = $("<li>");
$li.text(": " + desc.text())
$li.prepend($("<a>").attr("href", "#" + target.attr("id")).text(label.get(0).childNodes[0].nodeValue))
content.append($li);
}); });
$(this).append(content); $(this).append(content);
}); });