discourse/app/assets/javascripts
Blake Erickson a373bf2a01 SECURITY: XSS on chat excerpts
Non-markdown tags weren't being escaped in chat excerpts. This could be
triggered by editing a chat message containing a tag (self XSS), or by
replying to a chat message with a tag (XSS).

Co-authored-by: Jan Cernik <jancernik12@gmail.com>
2023-03-16 15:27:09 -06:00
..
admin DEV: Drop impossible conditional from admin-logs-staff-action-logs (#20687) 2023-03-16 12:27:27 +00:00
bootstrap-json Build(deps): Bump node-fetch from 3.3.0 to 3.3.1 in /app/assets/javascripts (#20655) 2023-03-13 08:45:43 +08:00
confirm-new-email
dialog-holder Build(deps): Bump webpack from 5.76.0 to 5.76.1 in /app/assets/javascripts (#20654) 2023-03-13 08:10:09 +08:00
discourse SECURITY: XSS on chat excerpts 2023-03-16 15:27:09 -06:00
discourse-common Build(deps): Bump @babel/core in /app/assets/javascripts (#20681) 2023-03-15 14:29:16 +01:00
discourse-ensure-deprecation-order
discourse-hbr Build(deps): Bump @babel/core in /app/assets/javascripts (#20681) 2023-03-15 14:29:16 +01:00
discourse-plugins Build(deps): Bump @babel/core in /app/assets/javascripts (#20681) 2023-03-15 14:29:16 +01:00
discourse-widget-hbs Build(deps): Bump @babel/core in /app/assets/javascripts (#20681) 2023-03-15 14:29:16 +01:00
docs
ember-addons
ember-cli-progress-ci
ember-production-deprecations DEV: Include ember deprecation messages in production builds (#20587) 2023-03-10 10:37:28 +00:00
locales UX/DEV: Review queue redesign fixes (#20239) 2023-03-02 16:40:53 +01:00
pretty-text Build(deps): Bump @babel/core in /app/assets/javascripts (#20681) 2023-03-15 14:29:16 +01:00
select-kit SECURITY: XSS on chat excerpts 2023-03-16 15:27:09 -06:00
truth-helpers Build(deps): Bump @babel/core in /app/assets/javascripts (#20681) 2023-03-15 14:29:16 +01:00
wizard Build(deps): Bump @babel/core in /app/assets/javascripts (#20681) 2023-03-15 14:29:16 +01:00
.licensee.json DEV: Have `licensee` check xmldom license (#18840) 2022-11-02 11:51:11 -04:00
.npmrc
discourse-js-processor.js DEV: Update ember-cli-htmlbars to 6.2.0 (#20467) 2023-02-27 18:43:28 +01:00
handlebars-shim.js
package.json DEV: Include ember deprecation messages in production builds (#20587) 2023-03-10 10:37:28 +00:00
polyfills.js Drop support for iOS < 15.7 (#19847) 2023-01-16 17:28:59 +00:00
service-worker.js.erb FEATURE: Enable service worker for Apple devices (#19643) 2023-01-30 13:23:19 -03:00
yarn.lock Build(deps): Bump @babel/core in /app/assets/javascripts (#20681) 2023-03-15 14:29:16 +01:00