Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-12-16 15:30:13 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

WIP: XSS fixes

Browse source
This commit is contained in:
Marc Hartmayer 2020-06-07 22:58:56 +02:00
parent 1f85b25549
commit fb44df9815
3 changed files with 48 additions and 38 deletions
Download patch file Download diff file Expand all files Collapse all files

2
client/components/rules/actions/cardActions.jade
View file

@ -75,7 +75,7 @@ template(name="cardActions")
button.trigger-button.trigger-button-color.js-show-color-palette(
id="color-action"
class="card-details-{{cardColorButton}}")
| {{{_ cardColorButtonText }}}
| {{{_ cardColorButtonText }}} // XSS?!
div.trigger-button.js-set-color-action.js-goto-rules
i.fa.fa-plus