forked from mirror/gitea
661d3d28e9
In the case of misuse or misunderstanding from a developer whereby, if `sel` can receive user-controlled data, jQuery `$(sel)` can lead to the creation of a new element. Current usage is using hard-coded selectors in the templates, but nobody prevents that from expanding to user-controlled somehow. |
||
---|---|---|
.. | ||
doc | ||
page |