From 6f0061961975df9a0c3ebab68386d8d65b706959 Mon Sep 17 00:00:00 2001 From: Peter Martischka Date: Sun, 11 Apr 2010 22:22:36 +0200 Subject: Fixed a a serious Security Bug, HTML injection! --- etherpad/src/static/js/broadcast_slider.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etherpad/src/static/js/broadcast_slider.js b/etherpad/src/static/js/broadcast_slider.js index 255d7f2..8977e3d 100644 --- a/etherpad/src/static/js/broadcast_slider.js +++ b/etherpad/src/static/js/broadcast_slider.js @@ -138,7 +138,7 @@ var global = this; swatchtd.append(swatch); tr.append(swatchtd); var nametd = $(''); - nametd.html(author.name || "unnamed"); + nametd.text(author.name || "unnamed"); tr.append(nametd); $("#authorstable").append(tr); } else { -- cgit v1.2.3