github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-12-05 01:43:43 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
54,913 Commits 214 Branches 500 Tags 960 MiB
8c038d9498
Commit Graph

2 Commits

Author SHA1 Message Date
Roman Rizzi
a709b7e861
FIX: Allow sanitized-HTML in GH issues and categories oneboxes. (#25374) 
Follow-up to d78357917c

Related meta topic: https://meta.discourse.org/t/html-is-not-render-on-category-onebox-description/289424:
 2024-01-22 15:25:29 -03:00
Roman Rizzi
d78357917c SECURITY: Onebox templates' HTML injections. 
The use of triple-curlies on Mustache templates opens the possibility for HTML injections.
 2023-11-09 13:39:11 +11:00