Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 3.1.0
Affects Version/s: 2.5.0
Component/s: Pull Requests, Rendering - Markdown Syntax
Labels:
- innovation-week

I wrote this comment:

This will be very hard to read in the javadoc. Add <br>s or <li>s or at least semi-colons between lines.

The html wasn't escaped and is parsed by the browser. Not cool. I can't comment or edit comments any more on the PR, and if I weren't really busy I'd be hunting for XSS attacks.

https://stash.atlassian.com/projects/CONF/repos/confluence/pull-requests/1331/overview?commentId=9508 is the review in question

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List

unencoded html.png
23 kB
08/Jul/2013 2:11 AM

is duplicated by

BSERV-3910 Stash doesn't escape HTML in commit messages

Closed

BSERV-3295 Comment Date format changes from relative to absolute dates unexpectedly

Closed

BSERV-4510 using certain comment make reply/edit/delete buttons unusable

Closed

Assignee:: jhinch (Atlassian)
Reporter:: Don Willis
Votes:: 0 Vote for this issue
Watchers:: 10 Start watching this issue

Created:: 08/Jul/2013 2:11 AM
Updated:: 05/Aug/2014 5:38 PM
Resolved:: 23/May/2014 3:41 AM

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates