diff --git a/components/com_contact/src/Controller/ContactController.php b/components/com_contact/src/Controller/ContactController.php index 575826eb57b43..9c10743b44523 100644 --- a/components/com_contact/src/Controller/ContactController.php +++ b/components/com_contact/src/Controller/ContactController.php @@ -271,7 +271,7 @@ private function _sendEmail($data, $contact, $emailCopyToSender) $mailer->addRecipient($contact->email_to); $mailer->setReplyTo($templateData['email'], $templateData['name']); $mailer->addTemplateData($templateData); - $mailer->addUnsafeTags(['name', 'email', 'body', 'customfields']); + $mailer->addUnsafeTags(['name', 'email', 'body']); $sent = $mailer->send(); // If we are supposed to copy the sender, do so. @@ -280,6 +280,7 @@ private function _sendEmail($data, $contact, $emailCopyToSender) $mailer->addRecipient($templateData['email']); $mailer->setReplyTo($templateData['email'], $templateData['name']); $mailer->addTemplateData($templateData); + $mailer->addUnsafeTags(['name', 'email', 'body']); $sent = $mailer->send(); } } catch (MailDisabledException | phpMailerException $exception) { diff --git a/components/com_users/src/Model/RegistrationModel.php b/components/com_users/src/Model/RegistrationModel.php index 68d447512deb3..e7a8ca86c9cd1 100644 --- a/components/com_users/src/Model/RegistrationModel.php +++ b/components/com_users/src/Model/RegistrationModel.php @@ -555,6 +555,7 @@ public function register($temp) $mailer = new MailTemplate('com_users.registration.admin.new_notification', $app->getLanguage()->getTag()); $mailer->addTemplateData($data); $mailer->addRecipient($row->email); + $mailer->addUnsafeTags(['username', 'name']); $return = $mailer->send(); } catch (\Exception $exception) { try {