← Back to team overview

maria-docs team mailing list archive

KB security bug: History pages have a XSS vulnerability


I think that history pages in MariaDB Knowledge Base have a cross-site scripting vulnerability because special characters contained in link texts and revision comments are not escaped.
For example, this page: https://mariadb.com/kb/en/meta/editing-help/creole-formatting/+history