Skip to content
Permalink
Browse files Browse the repository at this point in the history
Added escaping for error message in sending profile hostname
  • Loading branch information
jordan-wright committed Aug 7, 2020
1 parent 81aa65b commit 90fed5a
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion static/js/dist/app/sending_profiles.min.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion static/js/src/app/sending_profiles.js
Expand Up @@ -36,7 +36,7 @@ function sendTestEmail() {
})
.error(function (data) {
$("#sendTestEmailModal\\.flashes").empty().append("<div style=\"text-align:center\" class=\"alert alert-danger\">\
<i class=\"fa fa-exclamation-circle\"></i> " + data.responseJSON.message + "</div>")
<i class=\"fa fa-exclamation-circle\"></i> " + escapeHtml(data.responseJSON.message) + "</div>")
$("#sendTestModalSubmit").html(btnHtml)
})
}
Expand Down

1 comment on commit 90fed5a

@abergmann
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CVE-2020-24708 was assigned to this commit.

Please sign in to comment.