SECURITY: Onebox templates' HTML injections.

The use of triple-curlies on Mustache templates opens the possibility for HTML injections.
This commit is contained in:
Roman Rizzi
2023-10-23 14:19:21 -03:00
committed by Krzysztof Kotlarek
parent 5f20748e40
commit d78357917c
4 changed files with 103 additions and 6 deletions


@ -36,7 +36,7 @@ module Onebox
body, excerpt = compute_body(raw["body"])
ulink = URI(link)
labels = raw["labels"].map { |l| { name: Emoji.codes_to_img(l["name"]) } }
labels = raw["labels"].map { |l| { name: Emoji.codes_to_img(CGI.escapeHTML(l["name"])) } }
{
link: @url,