Commit a011627c authored by Nicolas Widart's avatar Nicolas Widart Committed by GitHub

Merge pull request #390 from moebrowne/security/user-stored-xss

Users Full Name Stored XSS Vulnerability
parents 663bac77 03ecd43a
......@@ -43,7 +43,7 @@
<i class="glyphicon glyphicon-user"></i>
<span>
<?php if ($user->present()->fullname() != ' '): ?>
<?= $user->present()->fullName(); ?>
{{ $user->present()->fullName() }}
<?php else: ?>
<em>{{trans('core::core.general.complete your profile')}}.</em>
<?php endif; ?>
......@@ -56,7 +56,7 @@
<img src="{{ $user->present()->gravatar() }}" class="img-circle" alt="User Image" />
<p>
<?php if ($user->present()->fullname() != ' '): ?>
<?= $user->present()->fullname(); ?>
{{ $user->present()->fullname() }}
<?php else: ?>
<em>{{trans('core::core.general.complete your profile')}}.</em>
<?php endif; ?>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment