Escape html entities when no label found

author: Jarka Košanová <jarka@gitlab.com> 2018-12-12 21:28:31 +0300
committer: Jarka Košanová <jarka@gitlab.com> 2018-12-22 16:54:53 +0300
commit: a5843ecb4c6dd6e61efb21ed3b602a8a32981492 (patch)
tree: 372cbf32a5cc7af01a434f2bcb453fc9d7327cdd /changelogs
parent: d2120ff1e705799752e7d9704cae3f1896d8e186 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/changelogs/unreleased/54427-label-xss.yml b/changelogs/unreleased/54427-label-xss.yml
new file mode 100644
index 00000000000..090d1832af2
--- /dev/null
+++ b/changelogs/unreleased/54427-label-xss.yml
@@ -0,0 +1,5 @@
+---
+title: Escape html entities in LabelReferenceFilter when no label found
+merge_request:
+author:
+type: security
author	Jarka Košanová <jarka@gitlab.com>	2018-12-12 21:28:31 +0300
committer	Jarka Košanová <jarka@gitlab.com>	2018-12-22 16:54:53 +0300
commit	a5843ecb4c6dd6e61efb21ed3b602a8a32981492 (patch)
tree	372cbf32a5cc7af01a434f2bcb453fc9d7327cdd /changelogs
parent	d2120ff1e705799752e7d9704cae3f1896d8e186 (diff)