diff options
author | techknowlogick <hello@techknowlogick.com> | 2018-12-21 09:05:47 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-12-21 09:05:47 -0500 |
commit | af4626a2700aa81ecf4fcf7c81717f6715513526 (patch) | |
tree | ea83a1a1c02f50fd205d7a4ee82ad2a05910e354 /models/webhook_discord.go | |
parent | 21c70e1ed27420646d0d85f044facc8c84be3d5f (diff) | |
download | gitea-af4626a2700aa81ecf4fcf7c81717f6715513526.tar.gz gitea-af4626a2700aa81ecf4fcf7c81717f6715513526.zip |
Immediate fix to htmlEncode user added text (#5575)
There are likely problems remaining with the way that initCommentForm
is creating its elements. I suspect that a malformed avatar url could
be used maliciously.
Diffstat (limited to 'models/webhook_discord.go')
0 files changed, 0 insertions, 0 deletions