Commit 62f6d25a authored by Sergio Bertolin's avatar Sergio Bertolin
Browse files

Adding some protection against xml injection

parent b6cd8fd2
* @author Lukas Reschke <>
* @author Sergio Bertolin <>
* @copyright Copyright (c) 2017, ownCloud, Gmbh.
* @license AGPL-3.0
......@@ -198,7 +199,7 @@ trait Comments {
<d:propertyupdate xmlns:d="DAV:" xmlns:oc="">
<oc:message>'. $content .'</oc:message>
<oc:message>'. htmlspecialchars($content, ENT_XML1, 'UTF-8') .'</oc:message>
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment