<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Where can I get a container version of vTiger 7.5.</p>
<p>Todd<br>
</p>
<div class="moz-cite-prefix">On 7/21/23 10:27, Prasad wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAMeS7pkY7PscsKk3C68eri__zK=wx6_iAazvWYoNJdSPa-NqTg@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div class="gmail_default"
style="font-family:arial,helvetica,sans-serif">Thank you Henry
- we have a refactored fix. </div>
<div class="gmail_default"
style="font-family:arial,helvetica,sans-serif">Please refer <a
href="https://code.vtiger.com/vtiger/vtigercrm/-/issues/1776"
moz-do-not-send="true" class="moz-txt-link-freetext">https://code.vtiger.com/vtiger/vtigercrm/-/issues/1776</a></div>
<div class="gmail_default"
style="font-family:arial,helvetica,sans-serif"><br>
</div>
<div class="gmail_default"
style="font-family:arial,helvetica,sans-serif">Have a good
weekend.</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Tue, May 16, 2023 at
5:37 AM Henry Cumbicus Rivera <<a
href="mailto:hcumbicusr@gmail.com" moz-do-not-send="true"
class="moz-txt-link-freetext">hcumbicusr@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div>Hello everyone,<br>
one of my clients reported this vulnerability to me in
vtiger and apparently it happens in all vtiger, up to the
current version 7.5. The solution that worked for me was
to apply smarty's "<b>strip_tags</b>" everywhere <b>$smarty.request.view</b>
appears like this:<br>
<b style="background-color:rgb(255,255,0)">{$smarty.request.view|strip_request}</b><br>
<br>
smarty: <a
href="https://www.smarty.net/docs/en/language.modifier.strip.tags.tpl"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">https://www.smarty.net/docs/en/language.modifier.strip.tags.tpl</a><br>
</div>
<div><br>
</div>
<img src="cid:part1.YUkR2nQw.3XETQP1n@itcloudsec.com"
alt="image.png" style="margin-right: 25px;" class=""><br>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>Fix: Mainly in ModuleHeader.tpl files</div>
<div><img src="cid:part2.Pmh6GM5h.pZBhLNzR@itcloudsec.com"
alt="image.png" class="" width="322" height="345"><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<span class="gmail_signature_prefix">-- </span><br>
<div dir="ltr" class="gmail_signature">
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr"><br>
<div>---------------------------------------------------------------</div>
<div>Ing. Henry C.</div>
<div>Tel.: +51 956727976</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
_______________________________________________<br>
<a href="http://www.vtiger.com/" rel="noreferrer"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">http://www.vtiger.com/</a></blockquote>
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
<a class="moz-txt-link-freetext" href="http://www.vtiger.com/">http://www.vtiger.com/</a></pre>
</blockquote>
</body>
</html>