[SECURITY][High] DOM injection risk in highlight directive

## Summary
Highlight directive wrote raw innerHTML using unescaped text and regex/class input.

## Severity
High

## Affected Files
cmdb-ui/src/directive/highlight/highlight.js

## Recommended Remediation
Escape HTML/regex input and sanitize class names before rendering highlighted output.

## Patch Branch
codex/sec-ui-highlight-xss

## Patch Commit
9353936

## Fork Branch URL
https://github.com/lhy8888/cmdb-security-fork/tree/codex/sec-ui-highlight-xss

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[SECURITY][High] DOM injection risk in highlight directive #759

Summary

Severity

Affected Files

Recommended Remediation

Patch Branch

Patch Commit

Fork Branch URL

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[SECURITY][High] DOM injection risk in highlight directive #759

Description

Summary

Severity

Affected Files

Recommended Remediation

Patch Branch

Patch Commit

Fork Branch URL

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions