Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Escape quotes when parsing replies for ERB #193

Open
mgomes opened this issue Sep 17, 2019 · 0 comments
Open

Escape quotes when parsing replies for ERB #193

mgomes opened this issue Sep 17, 2019 · 0 comments
Assignees
@mgomes
Labels
security Pull requests that address a security vulnerability
Milestone
2.0

Comments

@mgomes
Copy link
Member

mgomes commented Sep 17, 2019

This is a security concern when user data is loaded via ERB into the YAML replies.
@mgomes mgomes self-assigned this Sep 17, 2019
@mgomes mgomes added this to the 2.0 milestone Sep 17, 2019
@mgomes mgomes added the security Pull requests that address a security vulnerability label Nov 4, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mgomes mgomes

Labels
security Pull requests that address a security vulnerability
Projects
None yet
Milestone
2.0
Development

No branches or pull requests
1 participant
@mgomes