#173 Possible security issue with injected JS - RedCloth

Overview
Tickets more
Messages
Milestones more
Search

Type	To find
responsible:me	tickets assigned to you
tagged:"@high"	tickets tagged @high
milestone:next	tickets in the upcoming milestone
state:invalid	tickets with the state invalid
created:"last week"	tickets created last week
sort:number, importance, updated	tickets sorted by #, importance or updated
Combine keywords for powerful searching.
Use advanced searching »

#173 new

Possible security issue with injected JS

Reported by locriani | October 12th, 2009 @ 05:20 PM

this is an innocuous link parses out as this is an innocuous link

Comments and changes to this ticket

You flagged this item as spam.
locriani October 12th, 2009 @ 05:20 PM
- Assigned user cleared.
```
"this is an innocuous link":javascript:alert(1)
```

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

RedCloth is a Ruby library for converting Textile into HTML

Shared Ticket Bins (Sort)

↓↑ drag 8 LaTeX
↓↑ drag 1 Documentation

People watching this ticket

Jason Garber
locriani

Jgarber RedCloth

inbound email

Possible security issue with injected JS

Comments and changes to this ticket

locriani October 12th, 2009 @ 05:20 PM

Create your profile

Shared Ticket Bins (Sort)

People watching this ticket

Pages

Jgarber RedCloth

inbound email

Keyword searching

Possible security issue with injected JS

Comments and changes to this ticket

locriani October 12th, 2009 @ 05:20 PM

Create your profile

Shared Ticket Bins (Sort)

People watching this ticket

Pages