Entities name rendered as HTML under details page
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1096189
Description of problem:
GPG key name rendered as HTML under details page. See the name along with Heading "GPG Key" and along with 'Name'
Please see screenshot.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. create a gpgkey with <a href='foo'>Click here</a>
2. go to details page
the link'Click here' will be created
the key name should not be rendered as html
it should be like
<a href='foo'>Click here</a>
Fixes #5745/BZ963572: upgrade angular-gettext to fix XSS.
The library Bastion uses for i18n, angular-gettext, was
vulnerable to XSS. This commit upgrades the version of
angular-gettext to one that is no longer vulnerable.
#6 Updated by Walden Raines over 6 years ago
This is caused by a third party library angular-gettext. I have entered an issue here: https://github.com/rubenv/angular-gettext/issues/75