Loading...

XML

Word

Printable

Type: Bug
Resolution: Duplicate
Priority: High
Fix Version/s: None
Affects Version/s: None
Component/s: Rendering - Markdown Syntax
Labels:
None

Bug Fix Policy:
View Atlassian Server bug fix policy

Stash doesn't escape HTML in commit messages at least in pull requests which creates a security risk if people submitting pull requests aren't fully trusted.

duplicates

BSERV-3635 Html in PR comments not encoded

Closed

Assignee:: Unassigned

Reporter:: m_gol

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Created:: 30/Sep/2013 10:16 AM

Updated:: 01/Oct/2013 11:24 PM

Resolved:: 01/Oct/2013 3:53 AM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates