Escape HTML in raw source of events and tasks

Fixes #3718
2026-06-11 05:19:43 +00:00 · 2016-06-08 16:06:58 -04:00
parent 97e6385f4c
commit 64ce3c9c22
3 changed files with 8 additions and 7 deletions
@@ -4,6 +4,7 @@
 Bug fixes
 - [web] fixed generic avatar in lists (#3719)
 - [web] fixed validation in Sieve filter editor
+ - [web] properly encode events and tasks rawsource to avoid XSS issues (#3718)

 3.1.2 (2016-06-06)
 ------------------