discourse/app/assets/javascripts/select-kit/addon/templates/components/topic-row.hbs
Blake Erickson a373bf2a01 SECURITY: XSS on chat excerpts
Non-markdown tags weren't being escaped in chat excerpts. This could be
triggered by editing a chat message containing a tag (self XSS), or by
replying to a chat message with a tag (XSS).

Co-authored-by: Jan Cernik <jancernik12@gmail.com>
2023-03-16 15:27:09 -06:00

10 lines
270 B
Handlebars

<TopicStatus @topic={{this.item}} @disableActions={{true}} />
<div class="topic-title">{{replace-emoji this.item.title}}</div>
<div class="topic-categories">
  {{bound-category-link
    this.item.category
    recursive=true
    hideParent=true
    link=false
  }}
</div>