vikunja
/
vikunja
6
43
Fork 69
Code Issues 152 Pull Requests 11 Packages Releases 32 Activity

"><svg/onload=alert(1)> TEST #1797

New Issue
Closed
opened 2021-06-10 22:14:05 +00:00 by bbh · 6 comments
bbh commented 2021-06-10 22:14:05 +00:00
Copy Link

"><svg/onload=alert(1)> TEST
gg

"><svg/onload=alert(1)> TEST ![gg](javascript:alert(1))
bbh commented 2021-06-10 22:14:13 +00:00
Author
Copy Link

"><svg/onload=alert(1)> TEST

"><svg/onload=alert(1)> TEST
bbh commented 2021-06-10 22:45:17 +00:00
Author
Copy Link

sorry guys , just for testing i will send a full report about this

sorry again

sorry guys , just for testing i will send a full report about this sorry again
konrad commented 2021-06-10 22:55:13 +00:00
Owner
Copy Link

Well looks like that comment had a lasting impact: image

Well looks like that comment had a lasting impact: ![image](/attachments/3a23428a-9f77-4229-82c0-9f7089c55f0e)
image.png
32 KiB
konrad commented 2021-06-10 22:56:19 +00:00
Owner
Copy Link

That comment I removed was really interesting: image

I wasn't even able to load the issue.

That comment I removed was really interesting: ![image](/attachments/f272d9f1-abeb-40ab-80e3-82786b665385) I wasn't even able to load the issue.
image.png
56 KiB
bbh commented 2021-06-10 23:20:08 +00:00
Author
Copy Link

yeah , it's alot of emojis and diffrent unicode like (ĵ,Ê,ᴶ)

like this report : https://hackerone.com/reports/511381

if kolaente have email for security or bug bounties please text me back, for reporting all security issues i've found on kolaente

thanks 😄

yeah , it's alot of emojis and diffrent unicode like (ĵ,Ê,ᴶ) like this report : https://hackerone.com/reports/511381 if kolaente have email for security or bug bounties please text me back, for reporting all security issues i've found on kolaente thanks 😄
konrad commented 2021-06-10 23:34:36 +00:00
Owner
Copy Link

If you have Vikunja-related security issues, please write that to the security email.

If you have Gitea-related security issues (that's this git server) please use their procedures to disclose these issues.

If you have Vikunja-related security issues, please write that to [the security email](https://vikunja.io/contact/#security). If you have Gitea-related security issues (that's this git server) please use [their procedures](https://github.com/go-gitea/gitea/blob/main/SECURITY.md) to disclose these issues.
❤️ 1
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
main
renovate/dev-dependencies
renovate/lowlight-3.x
renovate/golang.org-x-sync-0.x
renovate/major-dev-dependencies
renovate/github.com-asaskevich-govalidator-11.x
renovate/github.com-wneessen-go-mail-0.x
renovate/golangci-golangci-lint-1.x
feature/better-filter-syntax
fix/tiptap-task-list
renovate/flexsearch-0.x
feature/zod-schema
renovate/github.com-typesense-typesense-go-1.x
renovate/github.com-golang-jwt-jwt-v4-5.x
automatic-year-range-for-go-header-template
feature/hide-forbidden-related-tasks
renovate/golang-1.x
release/0.20
release/0.17
release/0.16
release/0.15
release/0.14
release/0.13
v0.23.0
v0.22.1
v0.22.0
v0.21.0
v0.20.4
v0.20.3
v0.20.2
v0.20.1
v0.20.0
v0.19.2
v0.19.1
v0.19.0
v0.18.1
v0.18.0
v0.17.1
v0.17.0
v0.16.1
v0.16.0
v0.15.1
v0.15.0
v0.14.1
v0.14.0
v0.13.1
v0.13
v0.12
v0.11
v0.10
v0.9
v0.8
v0.7
v0.6
v0.5
v0.4
v0.3
v0.2
v0.1
Labels
Clear labels   
dependencies

   
duplicate

This issue or pull request already exists

  
help wanted

Need some help

  
invalid

Something is wrong

  
kind/bug

Something is not working

  
kind/feature

New feature

  
needs reproduction

   
question

More information is needed

  
security

   
wontfix

This won't be fixed

No Label
dependencies
duplicate
help wanted
invalid
kind/bug
kind/feature
needs reproduction
question
security
wontfix
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: vikunja/vikunja#1797
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?