Immediate fix to htmlEncode user added text (#5575) - gitea.git - Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD: https://github.com/go-gitea/gitea

diff options

author	techknowlogick <hello@techknowlogick.com>	2018-12-21 09:05:47 -0500
committer	GitHub <noreply@github.com>	2018-12-21 09:05:47 -0500
commit	af4626a2700aa81ecf4fcf7c81717f6715513526 (patch)
tree	ea83a1a1c02f50fd205d7a4ee82ad2a05910e354 /options/license/GNU Library General Public License v2.0
parent	21c70e1ed27420646d0d85f044facc8c84be3d5f (diff)
download	gitea-af4626a2700aa81ecf4fcf7c81717f6715513526.tar.gz gitea-af4626a2700aa81ecf4fcf7c81717f6715513526.zip

Immediate fix to htmlEncode user added text (#5575)

There are likely problems remaining with the way that initCommentForm is creating its elements. I suspect that a malformed avatar url could be used maliciously.

Diffstat (limited to 'options/license/GNU Library General Public License v2.0')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: