Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
Re: Apostrophes/single quotes in article titles
As I see it now, in 4.4.1 the attributes title, style and class of permlink() were not htmlspecialchars’ed, so they probably get parsed on secondpass. This was patched in 4.5, so we are all half right half wrong here.
So I second Jukka, there is a (well, minor) security issue in 4.4.1 here.
Last edited by etc (2012-09-16 13:22:23)
Offline