agileware-jp / redmine_issue_templates
Redmine Issue Template. Pull requests, reporting issues, stars and sponsoring are always welcome!
https://www.redmine.org/plugins/redmine_issue_templates
GNU General Public License v2.0
escape_javascript potentially unsafe values in JS or HTML attributes
#83
Open
jkraemer opened 1 year ago
jkraemer commented 1 year ago
In particular, _template_pulldown.html.erb and _issue_select_form.html.erb allowed code injection via the tracker name; the latter also did not escape is_triggered_by, which comes from a request parameter.
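An added example, not code from this pull request or from the plugin: it shows why a value placed in a JS string inside an HTML attribute needs JavaScript escaping in addition to HTML escaping, since the browser decodes character references before the handler is parsed. The template, the `pick` handler, the tracker name and the helper names are constructed for illustration, and `js_escape` is a simplified stand-in for Rails' `escape_javascript`.

```ruby
require "erb"

# Simplified stand-in for Rails' escape_javascript (assumption: it covers the
# main characters only, not U+2028/U+2029). js_escape is a hypothetical name.
JS_ESCAPES = { "\\" => "\\\\", "</" => "<\\/", "\r\n" => "\\n", "\n" => "\\n",
               "\r" => "\\n", '"' => '\\"', "'" => "\\'", "`" => "\\`",
               "$" => "\\$" }.freeze

def js_escape(value)
  value.to_s.gsub(%r{\\|</|\r\n|[\n\r"'`$]}) { |m| JS_ESCAPES[m] }
end

# Constructed template (not the plugin's): a tracker name inside a JS string
# inside an HTML attribute. html_escape models Rails' escaping of <%= %> output.
TEMPLATE = ERB.new(
  %q{<a href="#" onclick="pick('<%= ERB::Util.html_escape(value) %>')">apply</a>}
)

def render_link(tracker_name, escape_js:)
  value = escape_js ? js_escape(tracker_name) : tracker_name
  TEMPLATE.result_with_hash(value: value)
end

HTML_ENTITIES = { "&amp;" => "&", "&lt;" => "<", "&gt;" => ">",
                  "&quot;" => '"', "&#39;" => "'" }.freeze

# The text the JS engine receives: the attribute value after the HTML parser
# has decoded character references.
def onclick_source(html)
  html[/onclick="([^"]*)"/, 1].gsub(/&(?:amp|lt|gt|quot|#39);/) { |e| HTML_ENTITIES[e] }
end

# True when the handler is still exactly one pick('...') call.
def single_string_call?(js)
  js.match?(/\Apick\('(?:[^'\\]|\\.)*'\)\z/m)
end

if __FILE__ == $PROGRAM_NAME
  name = "Bug');alert(1);//" # constructed tracker name
  [false, true].each do |flag|
    js = onclick_source(render_link(name, escape_js: flag))
    puts "escape_js=#{flag}: #{js}  intact=#{single_string_call?(js)}"
  end
end
```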
jkraemer commented 1 year ago
ping?