[Webkit-unassigned] [Bug 39478] XSS on bugs.webkit.org PrettyDiff view
bugzilla-daemon at webkit.org
Fri May 21 15:16:22 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=39478
--- Comment #2 from Adam Roben (aroben) <aroben at apple.com> 2010-05-21 15:16:21 PST ---
> PrettyPatch.rb:
> // Insert a non-editable form of our comment.
> comment.insert("<pre>" + commentText + "</pre>");
> comment.setAttribute("class", "comment submitted");
>
> We need to escape commentText.
Or use innerText or textContent or createTextNode.
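An added example, not code from PrettyPatch or from the WebKit project: it puts the unsafe concatenation from the quoted snippet beside the two fixes the comment proposes (escaping the text, or setting `textContent` / `createTextNode` so the browser never parses it as HTML). `HOSTILE_COMMENT` is a constructed attacker-controlled review comment, and `insertSubmittedComment` assumes a browser DOM; the helper names are mine.

```javascript
// Constructed attacker-controlled review comment. A reviewer who pastes this
// into the PrettyDiff comment box gets script run in every viewer's session
// if the text is concatenated into markup unescaped.
const HOSTILE_COMMENT = 'LGTM <img src=x onerror="alert(document.cookie)">';

// Vulnerable pattern from the quoted snippet: the comment text becomes part
// of an HTML string, so any tags in it are parsed as HTML on insertion.
function buildCommentMarkupUnsafe(commentText) {
  return '<pre>' + commentText + '</pre>';
}

// Escape the characters that change meaning in HTML text or quoted attribute
// values. This is correct for text content only; URL, CSS and JavaScript
// contexts need their own encoders.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Fix 1: when an HTML string is genuinely needed, escape before concatenating.
function buildCommentMarkupSafe(commentText) {
  return '<pre>' + escapeHtml(commentText) + '</pre>';
}

// Fix 2 (preferred): never build markup at all. Create the element and assign
// textContent; the browser stores a text node and does not parse it.
// Assumes a DOM: `container` is the comment wrapper element.
function insertSubmittedComment(container, commentText) {
  const pre = document.createElement('pre');
  pre.textContent = commentText;
  // Equivalent: pre.appendChild(document.createTextNode(commentText));
  container.appendChild(pre);
  container.setAttribute('class', 'comment submitted');
  return pre;
}

// Check used below: does the markup contain any tag other than the <pre>
// wrapper we added ourselves?
function containsForeignTag(markup) {
  return /<(?!\/?pre>)[a-zA-Z]/.test(markup);
}
```

`containsForeignTag` is only a coarse test aid; the real guarantee comes from escaping every untrusted string at the point it enters an HTML context, or from using the DOM text APIs so there is no HTML context at all.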