diff --git a/core/templates/layout.user.php b/core/templates/layout.user.php
index c8b580b5fd9df78112c4b808cc595d47acccd7c2..38aa31be32bc8ca5009ffe586130d2a633713842 100644
--- a/core/templates/layout.user.php
+++ b/core/templates/layout.user.php
@@ -31,7 +31,7 @@
 <ul id="settings" class="svg">
 <span id="expand">
- <?php echo OCP\User::getDisplayName($user=null)?OCP\User::getDisplayName($user=null):(OC_User::getUser()?OC_User::getUser():'') ?>
+ <?php echo OCP\User::getDisplayName($user=null)?OC_Util::sanitizeHTML(OCP\User::getDisplayName($user=null)):(OC_User::getUser()?OC_User::getUser():'') ?>
 <img class="svg" src="<?php echo image_path('', 'actions/caret.svg'); ?>" />
 </span>
 <div id="expanddiv">
diff --git a/settings/js/users.js b/settings/js/users.js
index da18b4be8367d0e49bfbc579fb9d83467e56dacb..086b0884a3b402a33fa3a2de2de2848ebcd825a0 100644
--- a/settings/js/users.js
+++ b/settings/js/users.js
@@ -308,7 +308,7 @@ $(document).ready(function () {
 event.stopPropagation();
 var img = $(this);
 var uid = img.parent().parent().attr('data-uid');
- var displayName = img.parent().parent().attr('data-displayName');
+ var displayName = escapeHTML(img.parent().parent().attr('data-displayName'));
 var input = $('<input type="text" value="' + displayName + '">');
 img.css('display', 'none');
 img.parent().children('span').replaceWith(input);
@@ -329,7 +329,7 @@ $(document).ready(function () {
 }
 });
 input.blur(function () {
- $(this).replaceWith($(this).val());
+ $(this).replaceWith(escapeHTML($(this).val()));
 img.css('display', '');
 });
 });
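Review bot: The fallback branch of the new echo still emits `OC_User::getUser()` unescaped; only the display-name branch is passed through `OC_Util::sanitizeHTML`, so a uid containing markup would reach the page raw (whether uids can carry such characters depends on username validation that this hunk does not show). Escape once around the whole expression so every branch is covered and the template does not depend on that validation: `<?php echo OC_Util::sanitizeHTML(OCP\User::getDisplayName($user=null)?OCP\User::getDisplayName($user=null):(OC_User::getUser()?OC_User::getUser():'')) ?>`. The `$user=null` assignment inside the argument list is also easy to misread as a named argument; a plain `null` (or a local holding the display name, which would also drop the second `getDisplayName` call) would be clearer.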
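Review bot: The escaped `displayName` is immediately concatenated into attribute markup on the next line (`value="' + displayName + '"`), which is only safe if `escapeHTML` also encodes `"`; its implementation is not in this hunk, so the fix rests on an assumption. Assigning the value through the DOM avoids the HTML-parse step and that dependency entirely: `var displayName = img.parent().parent().attr('data-displayName');` followed by `var input = $('<input type="text">').val(displayName);`. The enclosing click handler starts and ends outside the hunk.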
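Review bot: On blur the input is replaced by an escaped HTML string, i.e. a bare text node, so the `<span>` that the click handler earlier in this file locates with `img.parent().children('span')` is not restored and a second edit of the same row has nothing to swap out. Rebuilding the span with `.text()` sets the name as a DOM text node (no escaping needed) and keeps the structure the handler expects: `$(this).replaceWith($('<span>').text($(this).val()));`. The blur callback's enclosing handler starts outside the hunk; whether the edited name is persisted elsewhere (presumably by the keypress handler just above) is not visible here.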