Prevent possible XSS when using jQuery (#18289) - gitea.git - Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD: https://github.com/go-gitea/gitea

diff options

author	Gusted <williamzijl7@hotmail.com>	2022-01-16 05:14:32 +0000
committer	GitHub <noreply@github.com>	2022-01-16 13:14:32 +0800
commit	661d3d28e97bb49bef075c0314edad5879148aaa (patch)
tree	9b4a0c1a8244b003b9467f861088d6eadbaafabc /services/migrations
parent	4b4884ce889439f092d3797984e768e0cf2a278e (diff)
download	gitea-661d3d28e97bb49bef075c0314edad5879148aaa.tar.gz gitea-661d3d28e97bb49bef075c0314edad5879148aaa.zip

Prevent possible XSS when using jQuery (#18289)

In the case of misuse or misunderstanding from a developer whereby, if `sel` can receive user-controlled data, jQuery `$(sel)` can lead to the creation of a new element. Current usage is using hard-coded selectors in the templates, but nobody prevents that from expanding to user-controlled somehow.

Diffstat (limited to 'services/migrations')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: