-
Hi,
in cost.php the user passes a variable named condition
https://github.com/dargmuesli/randomwinpicker/blob/869087e51d98716b88c3b6d40bf4b03639888f35/src/static/resources/dargmuesli/cost.php#L6
th…
-
#### Checklist
- [ x] I checked other issues already, but found no answer/solution
- [x ] I checked the documentation and wiki, but found no answer/solution
- [ x] I am running the latest version…
andle updated
1 month ago
-
**Description**
Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack. This issue affects the pac…
-
```
Deprecated: mysql_escape_string(): This function is deprecated; use
mysql_real_escape_string() instead. in /virtual/catdogz/public_html/socks5.php
on line 94
Deprecated: mysql_pconnect(): The m…
-
```
Deprecated: mysql_escape_string(): This function is deprecated; use
mysql_real_escape_string() instead. in /virtual/catdogz/public_html/socks5.php
on line 94
Deprecated: mysql_pconnect(): The m…
-
Is a way to pass HTML content in a variable and disable the escaping process?
P.e.:
```
{%$myvar = "Hello world"%}
{%$myvar}
```
Expected output:
```
Hello world
```
-
**Is this a BUG REPORT or FEATURE REQUEST?**:
/kind bug
**What happened**:
In OpenShift, we use a credentials minter to generate the vSphere password used by the CSI driver. The minter may ge…
-
**Describe the bug**
The tag immediately following an unclosed left angle bracket (used in a "less than context") causes the next tag to be sanitized
- Python Version: 3.12.2
- Bleach Version: …
-
Currently, we generate a data-uri for iCal which can be used to download an .ics file.
But if we want to attach an .ics file to emails, we need to generate it directly (otherwise the url encoding f…
-
In your theme php files, remember to use escaping functions such as esc_html as a security standard (we want to make sure we are outputting what we think we are outputting). There is more about this i…
rcass updated
6 years ago