Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Merge pull request #27 from muffinresearch/fix-1237967
Fix XSS in populateErrors
  • Loading branch information
EnTeQuAk committed Feb 18, 2016
2 parents 7df3f8f + 04edfad commit 29e7607
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion static/js/impala/forms.js
Expand Up @@ -10,7 +10,7 @@ function populateErrors(context, o) {
$.each(o, function(i, v) {
var $row = $('[name=' + i + ']', context).closest('.row');
$row.addClass('error');
$row.append($list.append($(format('<li>{0}</li>', v))));
$row.append($list.append($(format('<li>{0}</li>', _.escape(v)))));
});
}

Expand Down

0 comments on commit 29e7607

Please sign in to comment.