Firehawk52-backup/jellyfin-web
28
0
Fork 0
mirror of https://github.com/jellyfin/jellyfin-web.git synced 2026-01-15 16:33:35 -03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7196 from thornbill/role-xss

Browse Source 
Fix xss for person roles

Credit for discovery to Carlos García-Olalla Olivera
This commit is contained in:
Bill Thornton
2025-10-16 09:36:03 -04:00
committed by GitHub
parent e91a7556cf 16fd2a01aa
commit 3215be4cd8
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/components/metadataEditor/metadataEditor.js
View File

@@ -970,7 +970,7 @@ function populatePeople(context, people) {
html += '</div>';
if (person.Role && person.Role !== lastType) {
html += '<div class="secondary">' + person.Role + '</div>';
html += '<div class="secondary">' + escapeHtml(person.Role) + '</div>';
} else {
html += '<div class="secondary">' + globalize.translate(person.Type) + '</div>';
}