remove xss issues

paulOsinski · paulOsinski · commit cd5a3e733d13 · 2026-02-25T17:06:02.000-05:00
diff --git a/docs/layouts/_partials/footer/footer.html b/docs/layouts/_partials/footer/footer.html
@@ -49,11 +49,18 @@ <h6 class="footer-heading">Company</h6>
       <div class="col-6 col-lg-2 mb-3 mb-lg-0">
         <h6 class="footer-heading">Connect</h6>
         <div class="footer-social">
-          {{ range .Site.Menus.social -}}
-          <a href="{{ .URL | relURL }}" class="footer-social-link" aria-label="{{ .Name }}">
-            {{ .Pre | safeHTML }}
+          <a href="https://github.com/DefectDojo/django-DefectDojo" class="footer-social-link" aria-label="GitHub" rel="noopener">
+            <svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"></path><path d="M9 19c-4.3 1.4 -4.3 -2.5 -6 -3m12 5v-3.5c0 -1 .1 -1.4 -.5 -2c2.8 -.3 5.5 -1.4 5.5 -6a4.6 4.6 0 0 0 -1.3 -3.2a4.2 4.2 0 0 0 -.1 -3.2s-1.1 -.3 -3.5 1.3a12.3 12.3 0 0 0 -6.2 0c-2.4 -1.6 -3.5 -1.3 -3.5 -1.3a4.2 4.2 0 0 0 -.1 3.2a4.6 4.6 0 0 0 -1.3 3.2c0 4.6 2.7 5.7 5.5 6c-.6 .6 -.6 1.2 -.5 2v3.5"></path></svg>
+          </a>
+          <a href="https://www.linkedin.com/company/defectdojo/" class="footer-social-link" aria-label="LinkedIn" rel="noopener">
+            <svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"></path><path d="M4 4m0 2a2 2 0 0 1 2 -2h12a2 2 0 0 1 2 2v12a2 2 0 0 1 -2 2h-12a2 2 0 0 1 -2 -2z"/><path d="M8 11l0 5"/><path d="M8 8l0 .01"/><path d="M12 16l0 -5"/><path d="M16 16v-3a2 2 0 0 0 -4 0"/></svg>
+          </a>
+          <a href="https://www.youtube.com/@defectdojo" class="footer-social-link" aria-label="YouTube" rel="noopener">
+            <svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"></path><path d="M2 8a4 4 0 0 1 4 -4h12a4 4 0 0 1 4 4v8a4 4 0 0 1 -4 4h-12a4 4 0 0 1 -4 -4v-8z"/><path d="M10 9l5 3l-5 3z"/></svg>
+          </a>
+          <a href="https://x.com/defectdojo" class="footer-social-link" aria-label="X" rel="noopener">
+            <svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"></path><path d="M4 4l11.733 16h4.267l-11.733 -16z"></path><path d="M4 20l6.768 -6.768m2.46 -2.46l6.772 -6.772"></path></svg>
           </a>
-          {{ end -}}
         </div>
       </div>
     </div>
diff --git a/docs/layouts/home.html b/docs/layouts/home.html
@@ -8,7 +8,7 @@ <h1 class="hero-title">{{ .Title }}</h1>
           Official documentation for DefectDojo Pro and Open-Source editions,<br>
           maintained by DefectDojo Inc. and the Open-Source community.
         </p>
-        <p class="lead">{{ .Params.lead | safeHTML }}</p>
+        {{ with .Params.lead }}<p class="lead">{{ . }}</p>{{ end }}
         <div class="hero-actions">
           <a class="btn btn-primary rounded-pill btn-lg" href="{{ if site.Params.doks.docsVersioning }}{{ site.Params.doks.docsVersion }}/{{ end }}/get_started/about/about_defectdojo/" role="button">Get Started</a>
           <a class="btn btn-outline-secondary rounded-pill btn-lg ms-2" href="/supported_tools/" role="button">Supported Tools</a>
