forgejo/templates/repo/issue/view_content
Gusted ca798e4cc2
[SECURITY] Test XSS in dismissed review
It's possible for reviews to not be assiocated with users, when they
were migrated from another forge instance. In the migration code,
there's no sanitization check for author names, so they could contain
HTML tags and thus needs to be properely escaped.
2024-02-22 15:33:20 +01:00
..
add_reaction.tmpl
attachments.tmpl
comments.tmpl [SECURITY] Test XSS in dismissed review 2024-02-22 15:33:20 +01:00
comments_delete_time.tmpl
context_menu.tmpl
conversation.tmpl [BUG] split code conversations in diff tab (#2306) 2024-02-16 12:16:11 +00:00
pull.tmpl Disallow merge when required checked are missing (#29143) 2024-02-19 22:58:33 +01:00
pull_merge_instruction.tmpl Add merge style fast-forward-only (#28954) 2024-02-14 17:19:19 +01:00
reactions.tmpl Add non-JS fallback for reaction tooltips (#28785) 2024-01-15 09:42:59 +08:00
reference_issue_dialog.tmpl
show_role.tmpl
sidebar.tmpl Fix can not select team reviewers when reviewers is empty (#29174) 2024-02-17 23:24:30 +01:00
update_branch_by_merge.tmpl
watching.tmpl Introduce htmx and use it to avoid full page load on Subscribe and Follow (#28908) 2024-01-30 15:45:54 +01:00