Merge pull request #10361 from snipe/fixes/xss_in_accessories_checkout_notes
Escape notes in transformCheckedOutAccessory
This commit is contained in:
snipe
GitHub
commit
ff81e6d536
1 changed files with 1 additions and 1 deletions
|
|
@ -82,7 +82,7 @@ class AccessoriesTransformer
|
|||
'first_name'=> e($user->first_name),
|
||||
'last_name'=> e($user->last_name),
|
||||
'employee_number' => e($user->employee_num),
|
||||
'checkout_notes' => $user->pivot->note,
|
||||
'checkout_notes' => e($user->pivot->note),
|
||||
'last_checkout' => Helper::getFormattedDateObject($user->pivot->created_at, 'datetime'),
|
||||
'type' => 'user',
|
||||
'available_actions' => ['checkin' => true]
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue