Fix an XSS vulnerability in the reviews dropdown.
Review Request #4253 — Created June 21, 2013 and submitted — Latest diff uploaded
The reviews dropdown had a bad vulnerability where it would assume the user's full name is valid HTML. This allowed the user to craft a script tag that would be executed every time the name appeared in the dropdown.

This vulnerability exists in 1.6.x, 1.7.x, and the in-development 1.8. There are no known attacks in the wild.

This was reported by Craig Young at Tripwire.
Added some HTML to some users' first and last names. Before this change, I saw the result of the HTML. After, I saw the HTML tags as text, escaped.
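The defect described above, shown as an added example that is not Review Board's own code: the vulnerable pattern concatenates the user's full name straight into dropdown markup, while the hardened form escapes every user-controlled value first, so markup in a name is displayed as text, which is exactly what the testing notes describe. The function names (`escapeHtml`, `renderUserOptionUnsafe`, `renderUserOption`) and the sample user are assumptions constructed for the example.

```javascript
// Added example (not Review Board's code). The names escapeHtml,
// renderUserOptionUnsafe and renderUserOption are hypothetical; the sample
// user below is constructed for the demonstration.

// Minimal HTML escaper covering the five characters that can change markup
// context in element content and attribute values.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// The pattern the review request describes: the full name is treated as if
// it were already valid HTML, so any tags in the name become live markup
// every time the dropdown renders it.
function renderUserOptionUnsafe(user) {
  return '<li data-username="' + user.username + '">' +
         user.fullname + '</li>';
}

// Hardened form: every user-controlled value is escaped before it is joined
// into the HTML string. Tags in a name are shown as text, not executed.
function renderUserOption(user) {
  return '<li data-username="' + escapeHtml(user.username) + '">' +
         escapeHtml(user.fullname) + '</li>';
}

// Checks that no raw '<' from the user's data survived into the rendered
// entry: after the template's own <li> tags are stripped, only text remains.
function nameRenderedAsText(html) {
  const inner = html.replace(/^<li[^>]*>/, '').replace(/<\/li>$/, '');
  return !/[<>]/.test(inner);
}

// Constructed sample user whose full name carries markup, mirroring the
// "added some HTML to some users' names" test described above.
const sampleUser = {
  username: 'cyoung',
  fullname: 'Craig <b>Young</b>',
};

// Stand-alone demonstration: the unsafe renderer leaks the tags, the
// hardened one does not.
console.log('unsafe:', renderUserOptionUnsafe(sampleUser),
            nameRenderedAsText(renderUserOptionUnsafe(sampleUser)));
console.log('safe:  ', renderUserOption(sampleUser),
            nameRenderedAsText(renderUserOption(sampleUser)));
```

The same escaping has to be applied to every place the name is interpolated, including attribute values, which is why the hardened renderer escapes `username` as well as `fullname` rather than only the visible text.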