Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • fusiondirectory fusiondirectory
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 31
    • Issues 31
    • List
    • Boards
    • Service Desk
    • Milestones
  • Deployments
    • Deployments
    • Releases
  • Packages & Registries
    • Packages & Registries
    • Container Registry
  • Activity
  • Graph
  • Create a new issue
  • Commits
  • Issue Boards
Collapse sidebar
  • fusiondirectory
  • fusiondirectoryfusiondirectory
  • Issues
  • #5907
Closed
Open
Created Oct 10, 2018 by Côme Chilliet@cchillietReporter

Error dialogs do not escape HTML from fields

This can easily be tested in password recovery. Other parts of FD might be impacted.

This can cause bugs or allow HTML/javascript injection.

Edited Oct 10, 2018 by Côme Chilliet
Assignee
Assign to
Time tracking