From c9e77b98dd01c20c3bd1178ed4fe1bf18ede862e Mon Sep 17 00:00:00 2001 From: Rasmus Kuschel Date: Sun, 22 Dec 2024 15:47:50 +0100 Subject: [PATCH] Ensure HTML is properly escaped for all user-provided text properties (#3585) --- .../src/main/resources/freemarker/home.ftl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/serenity-report-resources/src/main/resources/freemarker/home.ftl b/serenity-report-resources/src/main/resources/freemarker/home.ftl index fd63a8d1f..cad56cb6b 100644 --- a/serenity-report-resources/src/main/resources/freemarker/home.ftl +++ b/serenity-report-resources/src/main/resources/freemarker/home.ftl @@ -528,7 +528,7 @@ ${context_icon}${context_label} ${scenario.stepCount} - ${scenario.allStepsText} + <#outputformat 'HTML'>${scenario.allStepsText} ${scenario.formattedStartTime} ${scenario.formattedDuration} ${outcome_icon} ${evidenceRecord.scenario} - ${evidenceRecord.title} + <#outputformat 'HTML'>${evidenceRecord.title} ${evidenceRecord.detailsLink}