Zend Framework 2 v2.2.7 Release Notes
Release Date: 2014-04-15 // about 10 years ago-
⚡️ SECURITY UPDATES
- ZF2014-03: Potential XSS vector in multiple view helpers due to
inappropriate HTML attribute escaping. Many view helpers were using the
escapeHtml()view helper in order to escape HTML attributes. This release patches them to use theescapeHtmlAttr()view helper in these situations. If you use form or navigation view helpers, or "HTML element" view helpers (such asgravatar(),htmlFlash(),htmlPage(), orhtmlQuicktime()), we recommend upgrading immediately.
- ZF2014-03: Potential XSS vector in multiple view helpers due to
inappropriate HTML attribute escaping. Many view helpers were using the