Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SECURITY: XSS with title selector on preferences page 

Note this is very low severity as the group needs to be created with a
default title that contains HTML, and group creation is restricted to
staff members right now.
This commit is contained in:
Robin Ward 2019-07-09 15:45:03 -04:00
parent 6e22499e5f
commit 629bb8adf2
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/assets/javascripts/discourse/models/user.js.es6
View File

@ -748,7 +748,9 @@ const User = RestModel.extend({
} }
}); });
return _.uniq(titles).sort(); return _.uniq(titles)
.sort()
.map(Ember.Handlebars.Utils.escapeExpression);
}, },
@computed("user_option.text_size_seq", "user_option.text_size") @computed("user_option.text_size_seq", "user_option.text_size")