-
Type: Bug
-
Status: Closed (View Workflow)
-
Priority: Major
-
Resolution: Fixed
-
Affects Version/s: 0.13
-
Fix Version/s: 0.14
-
Environment:
FF11, Chrome, Win7
Step to reproduce:
1. Open any topic and click "Answer"
2. Insert text:
[code=cpp]void main()
Unknown macro: { cout<<"Hello, world!""<<endl; }[/code]
some text here
[code=html]<html>
<head>
<title>Hello world page</title>
</head>
<body>
<p>Hello, world!</p>
</body>
</html>[/code]
3. Click "Preview" or "Answer"
AR: All content, incuding "Some text here" are under CODE-tag (see attach.)
ER: Highligted C++ code, text "Some text here", highlighted HTML code
- duplicates
-
JC-614 Active xss can be created using code tag
- Closed