Ensure all Jelly view have escape-by-default. (#3180)
* Ensure all Jelly view have escape-by-default. - all those views escape the content theirself, so no vulnerability corrected here (for TextParameterDefinition, it's done by textarea.jelly) * - just a line break at end * - just a line break at end (part 2) * - change from st:out to j:out because their content is expected to be html tags * - st => j for all finally
Please register or sign in to comment