Openbravo Issue Tracking System - Openbravo ERP |
| View Issue Details |
|
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0056996 | Openbravo ERP | A. Platform | public | 2024-10-14 08:11 | 2024-11-28 13:00 |
|
| Reporter | alostale | |
| Assigned To | Triage Platform Base | |
| Priority | normal | Severity | major | Reproducibility | have not tried |
| Status | scheduled | Resolution | open | |
| Platform | | OS | 5 | OS Version | |
| Product Version | | |
| Target Version | PR24Q2.5 | Fixed in Version | | |
| Merge Request Status | |
| Review Assigned To | |
| OBNetwork customer | |
| Web browser | |
| Modules | Core |
| Support ticket | |
| Regression level | |
| Regression date | |
| Regression introduced in release | |
| Regression introduced by commit | |
| Triggers an Emergency Pack | No |
|
| Summary | 0056996: broken layout in window title |
| Description | When opening a link to Openbravo backoffice if the title of a view contains some special characters the layout can be broken. |
| Steps To Reproduce | Try to open some link like:
https://localhost:8080/openbravo/#%7Bst:0,bm:%5B%7BviewId:__X__,params:%7BtabTitle:__%3Cimg%20src=a%20onerr [^]
or=alert()%3E__%7D%7D%5D%7D |
| Proposed Solution | Properly treat/escape tab titles when rendering them. |
| Additional Information | |
| Tags | No tags attached. |
| Relationships | |
| Attached Files | |
|
| Issue History |
| Date Modified | Username | Field | Change |
| 2024-11-05 18:53 | AugustoMauch | Type | defect => backport |
| 2024-11-05 18:53 | AugustoMauch | Target Version | => PR24Q2.5 |
| 2024-11-28 13:00 | hgbot | Note Added: 0172713 | |