Branch: refs/heads/2.0.0
Home:
https://github.com/tribe29/checkmk
Commit: facc664f423f1abd969dd65afc1a659872108509
https://github.com/tribe29/checkmk/commit/facc664f423f1abd969dd65afc1a65987…
Author: Lars Michelsen <lm(a)tribe29.com>
Date: 2021-04-27 (Tue, 27 Apr 2021)
Changed paths:
M tests/unit/cmk/gui/test_htmllib_html_cls.py
Log Message:
-----------
Add tests to confirm XSS issue
Change-Id: I88f4fd54dcb525aca313303ec1f004f4f5822eef
Commit: 9f3bb5e9c3939624f3100df78d0f9e6c75cdc9b4
https://github.com/tribe29/checkmk/commit/9f3bb5e9c3939624f3100df78d0f9e6c7…
Author: Lars Michelsen <lm(a)tribe29.com>
Date: 2021-04-27 (Tue, 27 Apr 2021)
Changed paths:
A .werks/12564
M cmk/gui/htmllib.py
M tests/unit/cmk/gui/test_htmllib_html_cls.py
Log Message:
-----------
12564 SEC Fix possible stored XSS issue when uploading backup keys
Uploading backup keys could trigger a XSS issue which could lead to execution
of arbitrary javascript code in the context of the user currently accessing the
setup GUI.
CMK-7152
Change-Id: I384976cb2216a0a9da336b45b26e2e3da450d52c
Compare:
https://github.com/tribe29/checkmk/compare/39b876965bdd...9f3bb5e9c393