id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
758	django_admin_log items should be HTML-escaped when shown in admin interface	Tom Tobin <korpios@…>	Adrian Holovaty	"Admin actions are currently added to the `django_admin_log` table with the `object_repr` column set to the object's `__repr__`.  When displayed in the ""Recent Actions"" sidebar in the admin, however, these bits of text are not escaped to be HTML-safe; anything enclosed in `<angle brackets>`, for instance, seems invisible to the admin interface user as the browser interprets it as a tag.
"	defect	closed	contrib.admin		normal	fixed			Accepted	0	0	0	0	0	0