From 2b997737dd6a60be2239a51dd6d9ef5881568e6d Mon Sep 17 00:00:00 2001
From: aryaantony92 <97134765+aryaantony92@users.noreply.github.com>
Date: Mon, 27 Mar 2023 15:46:41 +0200
Subject: [PATCH] Security fix in Predefined section (#14721)
* Escape predefined property
* Escape predefined metadata
---
 .../public/js/pimcore/settings/metadata/predefined.js | 4 +++-
 .../public/js/pimcore/settings/properties/predefined.js | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/bundles/AdminBundle/Resources/public/js/pimcore/settings/metadata/predefined.js b/bundles/AdminBundle/Resources/public/js/pimcore/settings/metadata/predefined.js
index 4f141f60cb1..a7e644ae987 100644
--- a/bundles/AdminBundle/Resources/public/js/pimcore/settings/metadata/predefined.js
+++ b/bundles/AdminBundle/Resources/public/js/pimcore/settings/metadata/predefined.js
@@ -215,7 +215,9 @@ pimcore.settings.metadata.predefined = Class.create({
 tooltip: t('delete'),
 handler: function (grid, rowIndex) {
 let data = grid.getStore().getAt(rowIndex);
- pimcore.helpers.deleteConfirm(t('predefined_metadata'), data.data.name, function () {
+ pimcore.helpers.deleteConfirm(t('predefined_metadata'),
+ Ext.util.Format.htmlEncode(data.data.name),
+ function () {
 grid.getStore().removeAt(rowIndex);
 }.bind(this));
 }.bind(this)
diff --git a/bundles/AdminBundle/Resources/public/js/pimcore/settings/properties/predefined.js b/bundles/AdminBundle/Resources/public/js/pimcore/settings/properties/predefined.js
index 0316ee055e6..2f91cd27547 100644
--- a/bundles/AdminBundle/Resources/public/js/pimcore/settings/properties/predefined.js
+++ b/bundles/AdminBundle/Resources/public/js/pimcore/settings/properties/predefined.js
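Review bot: Encoding `data.data.name` at the call site leaves the shared helper `pimcore.helpers.deleteConfirm` trusting every other caller to do the same, and the identical call-site fix is repeated in the properties/predefined.js hunk below; any caller of the helper that this commit does not touch keeps the original behaviour. The commit implies the helper renders its second argument as markup (otherwise the encode would be unnecessary), so the more robust place for `Ext.util.Format.htmlEncode` is inside `deleteConfirm` itself, with the call sites passing the raw name. In the meantime a why-comment on the new line would stop a future cleanup from removing the encode, e.g. `// name is user-supplied and the confirm dialog renders it as HTML, so encode it here` — and if the helper is later changed to encode, these call-site encodes must be dropped to avoid double-encoding. The enclosing `Class.create({ ... })` object and the column definition that owns `handler` both start before and end after the hunk.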
@@ -165,7 +165,9 @@ pimcore.settings.properties.predefined = Class.create({
 tooltip: t('delete'),
 handler: function (grid, rowIndex) {
 let data = grid.getStore().getAt(rowIndex);
- pimcore.helpers.deleteConfirm(t('predefined_properties'), data.data.name, function () {
+ pimcore.helpers.deleteConfirm(t('predefined_properties'),
+ Ext.util.Format.htmlEncode(data.data.name),
+ function () {
 grid.getStore().removeAt(rowIndex);
 }.bind(this));
 }.bind(this)