Forums OroCRM OroCRM – Security HTML not escaped in custom fields

This topic contains 0 replies, has 1 voice, and was last updated by  Damien LE TROHER 4 years, 3 months ago.

  • Creator
  • #25159

    Damien LE TROHER

    Hi again,

    When I add some HTML in a custom text field (tried on contact form), it is not escaped… I can add something like

    It break the page ;).

    Damien LE TROHER
    SYNOLIA – Division Ecommerce

You must be logged in to reply to this topic.