Funnelback patch 220.127.116.11
Applies to: v13.2.0
Internal reference: SUPPORT-2335, FUN-9496
Table of Contents
Fixes a cross site scripting vulnerability when unescaped HTML was provided to the CheckBlending macro’s linkText attribute.
web/templates/modernui/funnelback.ftl: Fix CheckBlending macro to escape all HTML (except 'em' tags historically used in this context).