OroCRM Forums

Covering OroCRM topics, including community updates and company announcements.

Forums OroCRM OroCRM – Security HTML not escaped in custom fields

This topic contains 0 replies, has 1 voice, and was last updated by Damien LE TROHER Damien LE TROHER 6 years, 2 months ago.

  • Creator
    Topic
  • #27958
    Damien LE TROHER
    Damien LE TROHER
    Participant

    Hi again,

    When I add some HTML in a custom text field (tried on contact form), it is not escaped… I can add something like

    It break the page ;).


    Damien LE TROHER
    SYNOLIA – Division Ecommerce

You must be logged in to reply to this topic.

You will be redirected to [title]. Would you like to continue?

Yes No