Mirrors/thelounge
2
0
Fork 0
mirror of https://github.com/thelounge/thelounge synced 2024-11-26 22:10:22 +00:00
Code Issues Projects Releases Packages Wiki Activity

Prevent HTML injection through /topic!!!!

Browse source 
Really big security issue here.
This commit is contained in:
PangeaCake 2015-01-21 19:04:01 -08:00
parent 890c751bb6
commit 6c852a849a
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/plugins/irc-events/topic.js
View file

@ -29,7 +29,7 @@ module.exports = function(irc, network) {
chan.topic = topic
client.emit("topic", {
chan: chan.id,
topic: topic
topic: _.escape(topic)
});
});
};