From 9f63b30fb404b1d458bc266152e8966bdb0b50f5 Mon Sep 17 00:00:00 2001
From: Juanfran <juanfran.alcantara@kaleidos.net>
Date: Wed, 10 Aug 2016 12:17:52 +0200
Subject: [PATCH] [Backport] fix related task edit xss

---
 app/coffee/modules/related-tasks.coffee      | 2 ++
 app/partials/task/related-task-row-edit.jade | 1 -
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/coffee/modules/related-tasks.coffee b/app/coffee/modules/related-tasks.coffee
index 3d6e197d..49e4d103 100644
--- a/app/coffee/modules/related-tasks.coffee
+++ b/app/coffee/modules/related-tasks.coffee
@@ -55,6 +55,8 @@ RelatedTaskRowDirective = ($repo, $compile, $confirm, $rootscope, $loading, $tem
         renderEdit = (task) ->
             $el.html($compile(templateEdit({task: task}))($scope))
 
+            $el.find(".task-name input").val(task.subject)
+
             $el.on "keyup", "input", (event) ->
                 if event.keyCode == 13
                     saveTask($model.$modelValue).then ->
diff --git a/app/partials/task/related-task-row-edit.jade b/app/partials/task/related-task-row-edit.jade
index 0eee394a..893b7b27 100644
--- a/app/partials/task/related-task-row-edit.jade
+++ b/app/partials/task/related-task-row-edit.jade
@@ -1,7 +1,6 @@
 .task-name
     input(
         type='text'
-        value!='<%- task.subject %>'
         placeholder="{{'TASK.PLACEHOLDER_SUBJECT' | translate}}"
     )
 .task-settings