Security Issue: XSS vulnerability in modal_helper:close_button #906

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Open

193s wants to merge 1 commit into seyhunak:master from 193s:patch-xss-1

193s commented May 18, 2016

Proof of Concept:

= modal_header title: 'confirm', show_close: true, dismiss: 'modal"><script>alert(1)</script>'


          fix xss vulnerability in modal_helper:close_button

fa99b47

# for free to join this conversation on GitHub. Already have an account? # to comment

Labels

None yet