github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-25 00:43:24 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
a373bf2a01
discourse/plugins/chat/assets/javascripts
History
Blake Erickson a373bf2a01 SECURITY: XSS on chat excerpts 
Non-markdown tags weren't being escaped in chat excerpts. This could be
triggered by editing a chat message containing a tag (self XSS), or by
replying to a chat message with a tag (XSS).

Co-authored-by: Jan Cernik <jancernik12@gmail.com>
2023-03-16 15:27:09 -06:00
..
discourse SECURITY: XSS on chat excerpts 2023-03-16 15:27:09 -06:00
lib/discourse-markdown UX/DEV: Review queue redesign fixes (#20239) 2023-03-02 16:40:53 +01:00