]> git.immae.eu Git - github/wallabag/wallabag.git/blobdiff - src/Wallabag/CoreBundle/Resources/views/themes/common/Entry/entries.xml.twig
projects / github / wallabag / wallabag.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fixed possible JS injection via the title edition
[github/wallabag/wallabag.git] / src / Wallabag / CoreBundle / Resources / views / themes / common / Entry / entries.xml.twig
diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/common/Entry/entries.xml.twig b/src/Wallabag/CoreBundle/Resources/views/themes/common/Entry/entries.xml.twig
index 288bb54f884c18019341d95c8fb2f3e812221baf..7103f22b7177b5f0f807c309f02f69230ec5ced2 100644 (file)
--- a/src/Wallabag/CoreBundle/Resources/views/themes/common/Entry/entries.xml.twig
+++ b/src/Wallabag/CoreBundle/Resources/views/themes/common/Entry/entries.xml.twig
@@ -10,7 +10,7 @@
         {% for entry in entries %}
 
             <item>
-                <title><![CDATA[{{ entry.title }}]]></title>
+                <title><![CDATA[{{ entry.title|e }}]]></title>
                 <source url="{{ url('view', { 'id': entry.id }) }}">wallabag</source>
                 <link>{{ entry.url }}</link>
                 <guid>{{ entry.url }}</guid>
A self hostable application for saving web pages: Save and classify articles. Read them later. Freely.