mirror of
https://github.com/discourse/discourse.git
synced 2025-02-24 18:17:41 +08:00
0f7b198ca0
The values in Discourse dropdown menus only come from admin-defined strings, not unsanitised end-user input, so this lack of escaping was not exploitable.