Opened 10 years ago
Closed 10 years ago
#7272 closed bug (worksforme)
Combobox demo: XSS vulnerability
| Reported by: | plentz | Owned by: | |
|---|---|---|---|
| Priority: | minor | Milestone: | 1.9.0 |
| Component: | ui.autocomplete | Version: | 1.8.11 |
| Keywords: | Cc: | ||
| Blocked by: | Blocking: |
Description (last modified by )
The values of the select options should be treated as text, not html.
Change History (3)
comment:1 Changed 10 years ago by
| Description: | modified (diff) |
|---|---|
| Status: | new → open |
| Summary: | Autocomplete-combobox has a serious xss vulnerability → Combobox demo: XSS vulnerability |
comment:2 Changed 10 years ago by
comment:3 Changed 10 years ago by
| Resolution: | → worksforme |
|---|---|
| Status: | open → closed |
This actually doesn't seem to have been a problem.
Note: See
TracTickets for help on using
tickets.
This looks fixed already.