Notifications

60 views

Description

When opening the email client, the FROM and/or RELPY TO fields display the instance's email address with unicode escaped "<" and ">" characters. Example:

  • FROM: ServiceNow Dev &lt;example@service-now.com&gt;

Instead of:

  • FROM: ServiceNow Dev <example@service-now.com>

Release or Environment

Madrid, New York.

Cause

The 'glide.ui.escape_text' system property is set to FALSE.

"The property glide.ui.escape_text Escape XML values at the parser level for the user interface. Prevents reflected and stored cross-site scripting attacks. Default: Yes"

Resolution

Set the 'glide.ui.escape_text' property to TRUE (requires the security_admin role).

Additional Information

Additional details can be found in the High Security Settings documentation.

 

Article Information

Last Updated:2020-02-09 02:04:00
Published:2020-02-09