576 views

Description

The ( < ) and ( > ) values are not being escaped properly in the [sys_email] record when a notification picks up content from an HTML field.

Steps to Reproduce

1. Change the Description field on an incident to type HTML.
2. Create a notification that encapsulates this content, such as include ${description}.
3. In the incident description, put something like this in HTML

<body>
<p>&lt;TEST&gt;</p>
</body>

4. Trip the notification.
5. Notice the [sys_email] record will show this in the body and body_text field:

&amp;lt;TEST&gt;

The less than has its ampersand escaped but not the subsequent greater than.

In the [sys_email] record, if you click the related links, Preview HTML body, it will render as:

&lt;TEST>

Workaround

This issue is targeted to be fixed in a future release. Please subscribe to this article to receive regular updates.


Related Problem: PRB591193

Seen In

Berlin Patch 8 Hot Fix 1
Fuji Patch 6

Fixed In

Geneva
Helsinki

Associated Community Threads

There is no data to report.

Article Information

Last Updated:2017-01-11 22:23:17
Published:2014-02-20