Modify ↓
Opened 4 years ago
Closed 4 years ago
#14026 closed defect (fixed)
MarkdownMacro renders unsafe content
Reported by: | Cinc-th | Owned by: | Cinc-th |
---|---|---|---|
Priority: | highest | Component: | MarkdownMacro |
Severity: | normal | Keywords: | |
Cc: | Trac Release: |
Description
The MarkdownMacro currently renders unsafe HTML. The following example excutes the contained javascript code.
{{{#!Markdown # Markdown header <script> alert('Gotcha!'); </script> }}}
Attachments (0)
Note: See
TracTickets for help on using
tickets.
In 18325: