Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Escape quotes when parsing replies for ERB #193

Open
mgomes opened this issue Sep 17, 2019 · 0 comments
Open

Escape quotes when parsing replies for ERB #193

mgomes opened this issue Sep 17, 2019 · 0 comments
Assignees
Labels
security Pull requests that address a security vulnerability
Milestone

Comments

@mgomes
Copy link
Member

mgomes commented Sep 17, 2019

This is a security concern when user data is loaded via ERB into the YAML replies.

@mgomes mgomes self-assigned this Sep 17, 2019
@mgomes mgomes added this to the 2.0 milestone Sep 17, 2019
@mgomes mgomes added the security Pull requests that address a security vulnerability label Nov 4, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
security Pull requests that address a security vulnerability
Projects
None yet
Development

No branches or pull requests

1 participant