Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
33,639 Commits 1 Branch 0 Tags
a85cc9e1d30c925b9e2c576edafc06f4e3d66e83
Commit Graph

2 Commits

Author SHA1 Message Date
Robert Raposa
44bd65293a Escape json for Studio advanced settings 
- Resolve SEC-27 by escaping course name in advanced settings
- Add escape_json_dumps to simplify escaping json in Mako templates

SEC-27: XSS/JS Error in Advanced Settings with invalid course name
 2015-11-03 10:38:39 -05:00
Daniel Friedman
09e1f9ed71 Fix XSS vulnerability in User Profile. 
TNL-2248
 2015-05-26 13:17:54 -04:00