OroCRM Forums

Covering OroCRM topics, including community updates and company announcements.

Forums Forums OroCRM OroCRM – Security HTML not escaped in custom fields

This topic contains 0 replies, has 1 voice, and was last updated by Damien LE TROHER Damien LE TROHER 6 years, 3 months ago.

The forum will run in the read-only mode starting from March 1. Please head to StackOverflow for support.

  • Creator
    Topic
  • #27958
    Damien LE TROHER
    Damien LE TROHER
    Participant

    Hi again,

    When I add some HTML in a custom text field (tried on contact form), it is not escaped… I can add something like

    It break the page ;).


    Damien LE TROHER
    SYNOLIA – Division Ecommerce

You must be logged in to reply to this topic.

You will be redirected to [title]. Would you like to continue?

Yes No