[checkmk-commits] [tribe29/checkmk] facc66: Add tests to confirm XSS issue

Branch: refs/heads/2.0.0 Home: https://github.com/tribe29/checkmk Commit: facc664f423f1abd969dd65afc1a659872108509 https://github.com/tribe29/checkmk/commit/facc664f423f1abd969dd65afc1a65987… Author: Lars Michelsen <lm(a)tribe29.com> Date: 2021-04-27 (Tue, 27 Apr 2021) Changed paths: M tests/unit/cmk/gui/test_htmllib_html_cls.py Log Message: ----------- Add tests to confirm XSS issue Change-Id: I88f4fd54dcb525aca313303ec1f004f4f5822eef Commit: 9f3bb5e9c3939624f3100df78d0f9e6c75cdc9b4 https://github.com/tribe29/checkmk/commit/9f3bb5e9c3939624f3100df78d0f9e6c7… Author: Lars Michelsen <lm(a)tribe29.com> Date: 2021-04-27 (Tue, 27 Apr 2021) Changed paths: A .werks/12564 M cmk/gui/htmllib.py M tests/unit/cmk/gui/test_htmllib_html_cls.py Log Message: ----------- 12564 SEC Fix possible stored XSS issue when uploading backup keys Uploading backup keys could trigger a XSS issue which could lead to execution of arbitrary javascript code in the context of the user currently accessing the setup GUI. CMK-7152 Change-Id: I384976cb2216a0a9da336b45b26e2e3da450d52c Compare: https://github.com/tribe29/checkmk/compare/39b876965bdd...9f3bb5e9c393