Page MenuHomePhabricator
Files F34890778

01-T298019.patch
Urbanecm_WMF (Martin Urbanec / Urbanecm)
Actions

Authored By
Urbanecm_WMF
Dec 20 2021, 3:41 PM
Size
1 KB
Referenced Files
None
Subscribers
None

01-T298019.patch
View Options

From 87e2e59ef429c15dc17857dc2a70c6d65eb39242 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gerg=C5=91=20Tisza?= <tgr.huwiki@gmail.com>
Date: Sun, 19 Dec 2021 23:09:44 -0800
Subject: [PATCH] SECURITY: Fix i18n XSS in SuggestedEdits
Bug: T298019
Change-Id: Iebf354ee90ec7212d8121edd97356d0e5e15e274
---
includes/HomepageModules/SuggestedEdits.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/includes/HomepageModules/SuggestedEdits.php b/includes/HomepageModules/SuggestedEdits.php
index 524eea45..2d01ba78 100644
--- a/includes/HomepageModules/SuggestedEdits.php
+++ b/includes/HomepageModules/SuggestedEdits.php
@@ -486,7 +486,7 @@ class SuggestedEdits extends BaseModule {
if ( $showTaskPreview ) {
$taskPager = $this->getContext()->msg( 'growthexperiments-homepage-suggestededits-pager' )
->numParams( 1, $tasks->getTotalCount() )
- ->text();
+ ->parse();
$button = new ButtonWidget( [
'label' => $this->getContext()->msg(
'growthexperiments-homepage-suggestededits-mobilesummary-footer-button' )->text(),
--
2.20.1

File Metadata

Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
9308441
Default Alt Text
01-T298019.patch (1 KB)

Event Timeline

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits