Merge pull request #1255 from creative-commoners/pulls/1.8/CVE-2021-3…

…6150 [CVE-2021-36150] Escape html tag characters in link text
silverstripe · Oct 5, 2021 · cd062ac · cd062ac
2 parents bd8b138 + 080e520
commit cd062ac
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 1 deletion.
diff --git a/client/dist/js/bundle.js b/client/dist/js/bundle.js
diff --git a/client/src/legacy/HtmlEditorField.js b/client/src/legacy/HtmlEditorField.js
@@ -253,6 +253,7 @@ ss.editorWrappers.tinyMCE = (function() {
  */
  insertLink: function(attrs, opts, linkText) {
  if (linkText) {
+ linkText = linkText.replaceAll('<', '&lt;').replaceAll('>', '&gt;');
  const linkEl = this.getInstance().dom.create('a', attrs, linkText);
  this.getInstance().selection.setNode(linkEl);
  } else {