← Back to branch summary

~ubuntu-branches/debian/squeeze/movabletype-opensource/squeeze

« back to all changes in this revision

Viewing changes to tmpl/cms/include/listing_panel.tmpl

  • Committer: Bazaar Package Importer
  • Author(s): Dominic Hargreaves
  • Date: 2008-11-18 17:55:33 UTC
  • Revision ID: james.westby@ubuntu.com-20081118175533-0iwmvwff1wlr2umw
Tags: 4.2.1-3
http://bugs.debian.org/503114
* Urgency high due to security fix targetted at lenny
* Fix multiple XSS issues (CVE-2008-4634). Thanks to Nico Golde for
  providing the patch, extracted from a release made by
  Six Apart KK (closes: #503114)

Show diffs side-by-side

added added

removed removed

Lines of Context:
tmpl/cms/include/listing_panel.tmpl
61
61
    <mt:loop name="object_loop">
62
62
                            <tr id="<mt:var name="panel_type">-<mt:var name="id">" class="<mt:if name="__odd__">odd<mt:else>even</mt:if>">
63
63
                                <td class="cb"><input type="<mt:if name="panel_multi">checkbox<mt:else>radio</mt:if>" class="select" name="<mt:var name="panel_type">-cb" value="<mt:var name="id">" <mt:if name="disabled">disabled="disabled"</mt:if> /></td>
64
 
                                <td class="panel-label"><label><mt:var name="label"></label></td>
 
64
                                <td class="panel-label"><label><mt:var name="label" escape="html"></label></td>
65
65
                                <td class="panel-description">
66
 
                                    <mt:if name="link"><span class="view-site-link"><a href="<mt:var name="link" escape="html">" target="_blank"><img src="<mt:var name="static_uri">images/spacer.gif" title="<__trans phrase="Go to [_1]" params="<mt:var name="label" escape="html">">" width="13" height="9" alt="" /></a></span></mt:if>
67
 
                                    <mt:if name="link"><span class="float_desc"></mt:if><mt:var name="description"><mt:if name="link"></span></mt:if>
 
66
<mt:Ignore><!-- No, the duplicate escape modifiers below is not a typo. --></mt:Ignore>
 
67
                                    <mt:if name="link"><span class="view-site-link"><a href="<mt:var name="link" escape="html">" target="_blank"><img src="<mt:var name="static_uri">images/spacer.gif" title="<__trans phrase="Go to [_1]" params="<mt:var name="label" escape="html" escape="html">">" width="13" height="9" alt="" /></a></span></mt:if>
 
68
                                    <mt:if name="link"><span class="float_desc"></mt:if><mt:var name="description" escape="html"><mt:if name="link"></span></mt:if>
68
69
                                </td>
69
70
                            </tr>
70
71
    </mt:loop>