cb2086f652
Image URLs are not properly escaped in the bundled RedCloth3 library. It thus allowed an XSS vector. The patch was adapted from r7570 from Redmine by Etiene Massip. See also http://www.redmine.org/issues/9245. |
||
---|---|---|
.. | ||
chili_project | ||
redmine | ||
redmine_test.rb |