Headline

CVE-2021-4257: Fix XSS issues in tasks · ctrlo/lenio@698c5fa

A vulnerability was found in ctrlo lenio. It has been declared as problematic. This vulnerability affects unknown code of the file views/task.tt of the component Task Handler. The manipulation of the argument site.org.name/check.name/task.tasktype.name/task.name leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 698c5fa465169d6f23c6a41ca4b1fc9a7869013a. It is recommended to apply a patch to fix this issue. VDB-216214 is the identifier assigned to this vulnerability.

1 year ago

CVE

Open in Source

#xss #vulnerability #git

- Actions
  
  Automate any workflow
- Packages
  
  Host and manage packages
- Security
  
  Find and fix vulnerabilities
- Codespaces
  
  Instant dev environments
- Copilot
  
  Write better code with AI
- Code review
  
  Manage code changes
- Issues
  
  Plan and track work
- Discussions
  
  Collaborate outside of code

*   Explore
*   All features
*   Documentation
*   GitHub Skills
*   Blog

- For
- Enterprise
- Teams
- Startups
- Education
- By Solution
- CI/CD & Automation
- DevOps
- DevSecOps
- Case Studies
- Customer Stories
- Resources
- GitHub Sponsors
  
  Fund open source developers

*   The ReadME Project
    
    GitHub community articles
    

*   Repositories
*   Topics
*   Trending
*   Collections

Pricing
In this repository All GitHub

No suggested jump to results
In this repository All GitHub
In this organization All GitHub
In this repository All GitHub

ctrlo / lenio Public

Notifications
Fork 1
Star 0

Code
Issues
Pull requests
Actions
Projects
Wiki
Security
Insights

Permalink

Browse files

Fix XSS issues in tasks

Loading branch information

Andy Beverley committed

Feb 8, 2021

1 parent 802755e commit 698c5fa465169d6f23c6a41ca4b1fc9a7869013a

Showing 1 changed file with 2 additions and 2 deletions.

4 views/task.tt

Show comments View file

@@ -217,7 +217,7 @@

[% END %]

[% IF site.id %]

<h3>Site Manager Checks ([% site.org.name %] - [% site.name %])

<h3>Site Manager Checks ([% site.org.name | html %] - [% site.name | html %])

<small>

<a data-toggle="modal" data-target="#modal_download" href="">Download</a>

</small>

@@ -235,7 +235,7 @@

[% FOR check IN site_checks %]

<tr>

<td><a href="/check_edit/[% check.id %]">[% check.name %]</a></td>

<td><a href="/check_edit/[% check.id %]">[% check.name | html %]</a></td>

<td>[% check.period_qty %] [% check.period_unit %][% IF check.period_qty > 1 %]s[% END %]</td>

[% IF site.id %]

<td>[% check.last_completed.strftime(dateformat) %]</td>

0 comments on commit 698c5fa

Please sign in to comment.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

9 months ago

9 months ago

9 months ago

9 months ago

9 months ago