Branch: refs/heads/stable-16.10.x Home: https://github.com/xwiki/xwiki-platform Commit: 1da795bb1c609ebfbccc94a71b22914fcb6ff77b https://github.com/xwiki/xwiki-platform/commit/1da795bb1c609ebfbccc94a71b22… Author: Michael Hamann <michael.hamann(a)xwiki.com> Date: 2025-07-14 (Mon, 14 Jul 2025) Changed paths: M xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/doc/XWikiDocument.java M xwiki-platform-core/xwiki-platform-oldcore/src/test/java/com/xpn/xwiki/doc/XWikiDocumentTest.java Log Message: ----------- XWIKI-23378: Protection against HTML macro injection should be aligned with XHTML renderer * Apply HTML macro escaping improvements from rendering also to XWikiDocument#display: * Escape all variants of both opening and closing HTML macros. * Escape also just the start of an opening and closing HTML macro to avoid complex patterns. (cherry picked from commit 12b780ccd5bca5fc8f74f46648d7e02fa04fbc11) To unsubscribe from these emails, change your notification settings at https://github.com/xwiki/xwiki-platform/settings/notifications