Headline
CVE-2021-30071: Fix XSS issue in list_key.html · hestiacp/hestiacp@706314c
A cross-site scripting (XSS) vulnerability in /admin/list_key.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
Permalink
Browse files
Fix XSS issue in list_key.html
- Loading branch information
Kristan Kenney committed
Mar 28, 2021
1 parent 1e571d8 commit 706314c12872c7607e96a73dfc77dbbddad2875e
Showing 1 changed file with 1 addition and 1 deletion.
@@ -29,7 +29,7 @@
?>
<div class="l-unit header animated fadeIn">
<div class="l-unit__col l-unit__col–right">
<div class="clearfix l-unit__stat-col–left wide-3"><b><?=$data[$key][‘ID’];?></b></div>
<div class="clearfix l-unit__stat-col–left wide-3"><b><?=htmlspecialchars($data[$key][‘ID’]);?></b></div>
<div class="clearfix l-unit__stat-col–left text-left compact-2">
<div class="l-unit-toolbar__col l-unit-toolbar__col–right noselect">
<div class="actions-panel clearfix">
0 comments on commit 706314c
Please sign in to comment.