What steps will reproduce the problem?
1. Create an Item / Account that includes script content in a field that is
rendered in the list view.
2. For example, Create an item with a name like "Name<script>alert(1)</script>"
and the code will execute whenever the item is rendered in the list view.
3. Profit
What is the expected output? What do you see instead?
I would expect the list to sanitize the output
Please use labels and text to provide additional information.
Original issue reported on code.google.com by matthewj...@gmail.com on 7 Jan 2014 at 12:46
Original issue reported on code.google.com by
matthewj...@gmail.com
on 7 Jan 2014 at 12:46