Fix vulnerability by running escape_html on query params

ejschmitt / delayed_job_web

Resque like web interface for delayed job

MIT License

478 stars 188 forks source link

Closed masongup-mdsol closed 5 years ago

masongup-mdsol commented 5 years ago

This is a quick-fix for vulnerability CVE-2017-12097. Let me know if anything else needs to be done as part of this fix.

masongup-mdsol commented 5 years ago

Ah looks like I read the version info wrong, and this is actually already fixed.