Details
-
Type:
Bug
-
Status: Done/Fixed
-
Priority:
Trivial
-
Resolution: Fixed/Completed
-
Affects Version/s: 4.2.2
-
Fix Version/s: 4.2.3
-
Component/s: None
-
Labels:None
Description
templates/CRM/Contact/Form/Search/Custom/FullText.tpl
around line 103
we should escape the details field. we truncate it during the sql select, which could result in an open-ended html tag which disrupts the presentation and can return datatable errors.
{$row.details|escape}