Details
-
Bug
-
Resolution: Fixed
-
Blocker
-
7.2-rc-1
-
Unknown
-
N/A
-
N/A
-
Description
Steps to reproduce:
- As a user without script or programming right, create a document named "TestSpace" with titleĀ
{{/html}}{{async}}{{groovy}}println("Hello from Groovy Title!"){{/groovy}}{{/async}}and content "Test content".
- Search for "Test" using the search UI and click on the "Location" box title in the facets that are next to the search results.
Expected result:
An item named
{{/html}}{{async}}{{groovy}}println("Hello from Groovy Title!"){{/groovy}}{{/async}}
is displayed.
Actual result:
An item named
Hello from Groovy Title!
</a>
<div class="itemCount">1</div>
</li>
</ul>
{{/html}}
is displayed, showing that the Groovy code has been executed.
The affected code has been introduced in XWIKI-12175 so this affects all versions since XWiki 7.2 RC1.
Attachments
Issue Links
- links to