U4-10539 - A merge issue caused fixes for U4-9262 to be reverted (XSS fix)

Created by Shannon Deminick 16 Oct 2017, 06:05:13 Updated by Shannon Deminick 16 Oct 2017, 07:05:16

Tags: Regression

Relates to: U4-9262

Subtask of: U4-9609

Somehow a rogue merged reverted the fixes for XSS issues with rendering Grid data (U4-9262)

The XSS inclusion is only possible by logged in content editors, it is not possible for public people to exploit this XSS issue.

Comments

Shannon Deminick 16 Oct 2017, 06:06:24

PR https://github.com/umbraco/Umbraco-CMS/pull/2243

Testing - ensure the grid renders correctly and test setting css properties along with custom grid properties


Sebastiaan Janssen 16 Oct 2017, 06:36:44

For reference: fixes regression in this commit: https://github.com/umbraco/Umbraco-CMS/commit/babcbd2f7aff1a2f522a066c8a5969eed4713088#diff-241aed82a1f859cdb5b6dcdd52ffcb14


Priority: Normal

Type: Bug

State: Fixed

Assignee:

Difficulty: Normal

Category:

Backwards Compatible: True

Fix Submitted:

Affected versions:

Due in version: 7.6.10, 7.7.4

Sprint: Sprint 70

Story Points: 0.5

Cycle: 5