Details
-
Bug
-
Resolution: Fixed
-
Medium
-
3.11
-
None
-
3.11
-
Description
If a project has a double-quote in its name, it's not xml-escaped when used in "title" attribute. For example, if we have a project named 14" monitors, the html will look like:
<select name="pid" ....>
<option title="14" monitors" value="10000" >14" monitors</option>
This causes JIRA Client to hiccup on this page and lose a lot of functionality. On web browser, the title is displayed incorrectly.
I can only imagine what would happen if a project contained the following characters: "></html>