github-mirror/BookStack
2
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-11-23 02:28:27 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
349162ea13
BookStack/resources
History
Dan Brown 349162ea13
Prevented possible XSS via link attachments 
This filters out potentially malicious javascript: or data: uri's coming
through to be attached to attachments.
Added tests to cover.

Thanks to Yassine ABOUKIR (@yassineaboukir on twitter) for reporting this
vulnerability.
2020-10-31 15:01:52 +00:00
..
icons Added dark/light mode toggle to profile dropdown menu 2020-04-11 20:37:51 +01:00
js Added alias for vbscript 2020-10-13 22:44:33 +01:00
lang Prevented possible XSS via link attachments 2020-10-31 15:01:52 +00:00
sass Updated codemirror and updated codemirror base styles 2020-09-26 17:33:43 +01:00
views Update code-editor.blade.php 2020-10-02 15:13:31 +02:00