Ubuntu
ampache package

Missing CDATA on xml_data.class.php

Bug #1666367 reported by An Schult
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ampache (Ubuntu)
New
Undecided
Unassigned

Bug Description

looks like ../lib/class/xml_data.class.php is used for generate xml-api output

line 484 contains:
  "\t<composer>" . $song->composer . "</composer>\n" .

This leads to a xml-parsing error, if there's a composer with a '&' in the composer-name

A CDATA-escaping should fix the bug:

   "\t<composer><![CDATA[" . $song->composer . "]]></composer>\n" .

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.