Mercurial > kallithea
view MANIFEST.in @ 7553:c9bd000a4567 stable
templates/summary: escape branch/tag/bookmark names in 'Download as zip' links to prevent XSS
On a repository summary page, in the 'Download' section where you can
download an archive of the repository at a given revision, the branch/tag
names were not correctly escaped.
This means that if an attacker is able to push a branch/tag/bookmark
containing HTML/JavaScript in its name, then that code would be evaluated.
This is a cross-site scripting (XSS) vulnerability.
Fix the problem by correctly escaping the branch/tag/bookmarks.
Reported by Bob Hogg <wombat@rwhogg.site> (thanks!).
author | Mads Kiilerich <mads@kiilerich.com> |
---|---|
date | Mon, 11 Feb 2019 21:36:55 +0100 |
parents | 19267f233d39 |
children | 968f2d4214e8 |
line wrap: on
line source
include Apache-License-2.0.txt include CONTRIBUTORS include COPYING include LICENSE-MERGELY.html include LICENSE.md include MIT-Permissive-License.txt include README.rst include development.ini recursive-include docs * recursive-include init.d * include kallithea/bin/ldap_sync.conf include kallithea/bin/template.ini.mako include kallithea/config/deployment.ini_tmpl recursive-include kallithea/i18n * recursive-include kallithea/lib/dbmigrate *.py_tmpl README migrate.cfg recursive-include kallithea/public * recursive-include kallithea/templates * recursive-include kallithea/tests/fixtures * recursive-include kallithea/tests/scripts * include kallithea/tests/test.ini include kallithea/tests/vcs/aconfig