github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-12-15 23:03:48 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

SECURITY: fix possible XSS with badges (#6912)

Browse Source
This commit is contained in:
Joffrey JAFFEUX 2019-01-21 13:08:26 +01:00
parent d72d51711e
commit 6418caf700
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/assets/javascripts/admin/templates/user-badges.hbs
View File

@ -16,7 +16,7 @@
<form class="form-horizontal">
<div>
<label>{{i18n 'admin.badges.badge'}}</label>
{{combo-box filterable=true value=selectedBadgeId content=grantableBadges}}
{{combo-box forceEscape=true filterable=true value=selectedBadgeId content=grantableBadges}}
</div>
<label>
<label>{{i18n 'admin.badges.reason'}}</label>