agileware-jp/redmine_issue_templates
Redmine Issue Template. Pull requests, reporting issues, stars and sponsoring are always welcome!
https://www.redmine.org/plugins/redmine_issue_templates
GNU General Public License v2.0
escape_javascript potentially unsafe values in JS or HTML attributes
#83
Open
jkraemer
opened
10 months ago
jkraemer
commented
10 months ago
In particular, _template_pulldown.html.erb and _issue_select_form.html.erb allowed code injection via the tracker name; the latter also did not escape is_triggered_by, which comes from a request parameter.
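An added example, not taken from the plugin's templates or from this pull request, of why a value placed in a JS string inside an HTML attribute needs JS escaping in addition to HTML escaping: the browser decodes the attribute's entities before the script runs. `js_escape` is a simplified stand-in for Rails' `escape_javascript`; `selectTracker`, `render_onclick` and the sample tracker name are hypothetical.

```ruby
require "erb"

# Simplified stand-in for the substitutions Rails' escape_javascript applies
# (assumption: approximated here so the example runs without Rails).
JS_ESCAPES = {
  "\\" => "\\\\", "</" => "<\\/", "\r\n" => "\\n", "\n" => "\\n",
  "\r" => "\\n", '"' => '\\"', "'" => "\\'", "`" => "\\`", "$" => "\\$"
}.freeze

def js_escape(value)
  value.to_s.gsub(%r{\\|</|\r\n|[\n\r"'`$]}) { |m| JS_ESCAPES[m] }
end

# Hypothetical template line: a tracker name inside a JS string literal that
# itself sits inside an HTML attribute. HTML escaping is always applied,
# as an auto-escaping template would do.
def render_onclick(name, escape_js:)
  js_value = escape_js ? js_escape(name) : name
  js = "selectTracker('#{js_value}')"
  %(<a onclick="#{ERB::Util.html_escape(js)}">pick</a>)
end

# What the browser hands to the JS engine: the attribute value with entities
# decoded (only the entities html_escape emits are handled here).
def attribute_js(html)
  raw = html[/onclick="([^"]*)"/, 1]
  raw.gsub("&#39;", "'").gsub("&quot;", '"')
     .gsub("&lt;", "<").gsub("&gt;", ">").gsub("&amp;", "&")
end

# Raw content of the first single-quoted JS literal, honouring backslash
# escapes; anything after it is parsed as code, not as string data.
def first_string_literal(js)
  js[/'((?:\\.|[^'\\])*)'/, 1]
end

TRACKER = %q(Bug 'urgent' "QA") # constructed sample tracker name

def literal_for(name, escape_js:)
  first_string_literal(attribute_js(render_onclick(name, escape_js: escape_js)))
end

puts literal_for(TRACKER, escape_js: false).inspect # literal ends at the name's first quote
puts literal_for(TRACKER, escape_js: true).inspect  # whole name stays inside the literal
```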
jkraemer
commented
8 months ago
ping?