agw/overleaf-cep
1
0
Fork 0
mirror of https://github.com/yu-i-i/overleaf-cep.git synced 2026-05-23 17:19:37 +02:00
Code Issues Packages Projects Releases Wiki Activity
7,342 Commits 3 Branches 19 Tags
7f7b10aa0991ff9b50485e50f8c33657eff1f13f
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Shane Kilkelly 7f7b10aa09 Sanitize display of system messages. 
When showing system-messages, use default Angular sanitizer, also,
on the admin panel itself, show the verbatim text of the message.

This solves a mild Stored-XSS vulnerability whereby a user could
put `<script>` tags in a message. We don't want that, but we do want
to be able to use basic html tags.
2018-08-22 10:15:50 +01:00
services/web
Sanitize display of system messages.
2018-08-22 10:15:50 +01:00
Description
No description provided
AGPL-3.0 242 MiB
Languages
JavaScript 62.9%
TypeScript 29.4%
SCSS 2.6%
Java 2.1%
Pug 0.8%
Other 2.1%