This repository has been archived on 2023-03-18. You can view files and clone it. You cannot open issues or pull requests or push a commit.

David Taylor d8b68e00c9 FIX: Ensure values are escaped in select-kit dropdowns (#16586) ...

The values in Discourse dropdown menus only come from admin-defined strings, not unsanitised end-user input, so this lack of escaping was not exploitable.

2022-04-28 16:31:41 +01:00

..

components

FIX: Ensure values are escaped in select-kit dropdowns (#16586)

2022-04-28 16:31:41 +01:00