Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Merge pull request #2797 from modoboa/fix/xss_issue_with_tags
Fixed XSS vulnerability
  • Loading branch information
tonioo committed Feb 22, 2023
2 parents b0c4528 + 05b4a4f commit aa74e9a
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions modoboa/static/js/listing.js
Expand Up @@ -255,9 +255,9 @@ Listing.prototype = {
make_tag: function(text, type) {
var $tag = $("<a />", {
"name": type, "class" : "btn btn-default btn-xs",
"html": " " + text
"html": " " + htmlEncode(text)
});

$("<span />", {"class" : "fa fa-remove"}).prependTo($tag);
$tag.click($.proxy(this.remove_tag, this));
return $tag;
Expand Down

0 comments on commit aa74e9a

Please sign in to comment.