mirror of
https://github.com/discourse/discourse.git
synced 2024-11-29 03:23:43 +08:00
0f7b198ca0
The values in Discourse dropdown menus only come from admin-defined strings, not unsanitised end-user input, so this lack of escaping was not exploitable. |
||
---|---|---|
.. | ||
components |