IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

SECURITY: fix possible XSS with badges (#6912)

Browse Source
This commit is contained in:
Joffrey JAFFEUX
2019-01-21 13:08:26 +01:00
committed by GitHub
parent 6f0bc16baf
commit 52f2e0d6b9
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/assets/javascripts/admin/templates/user-badges.hbs
View File

@@ -16,7 +16,7 @@
<form class="form-horizontal">
<div>
<label>{{i18n 'admin.badges.badge'}}</label>
{{combo-box filterable=true value=selectedBadgeId content=grantableBadges}}
{{combo-box forceEscape=true filterable=true value=selectedBadgeId content=grantableBadges}}
</div>
<div>
<label>{{i18n 'admin.badges.reason'}}</label>