about summary refs log tree commit diff
path: root/filters
diff options
context:
space:
mode:
authorLukas Fleischer <cgit@cryptocrack.de>2011-07-22 13:47:19 +0200
committerLars Hjemli <hjemli@gmail.com>2011-07-22 12:21:28 +0000
commitbebe89d7c11a92bf206bf6e528c51ffa8ecbc0d5 (patch)
tree33e28db20cbae2aa513ccec38c7d4706654eed46 /filters
parentRemove dead initialization in cgit_parse_commit() (diff)
downloadcgit-pink-bebe89d7c11a92bf206bf6e528c51ffa8ecbc0d5.tar.gz
cgit-pink-bebe89d7c11a92bf206bf6e528c51ffa8ecbc0d5.zip
Fix potential XSS vulnerability in rename hint
The file name displayed in the rename hint should be escaped to avoid
XSS. Note that this vulnerability is only applicable when an attacker
has gained push access to the repository.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Diffstat (limited to 'filters')
0 files changed, 0 insertions, 0 deletions
 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-17 19:53:58 +0000


 


ausal.agency/up.c?id=c5344577075d5e97e918ef173e947901e058d8f1&follow=1'>Add CGI upload program for temp.causal.agencyJune McEnroe


2020-07-10Add The Broken KingdomsJune McEnroe


2020-07-08Add facebook and twitter to title user-agentJune McEnroe

This fixes fetching tweets again!

https://github.com/thelounge/thelounge/pull/ 3602

(Intentionally breaking the link so GitHub doesn't add a "referenced
this PR" thing?)



2020-06-30Tweak causal.agency for mostly no reasonJune McEnroe


2020-06-30Add Ancillary JusticeJune McEnroe


2020-06-26Add password non-manager to planJune McEnroe

I've had this idea for years...



2020-06-26Tweak TF2 sensitivities once moreJune McEnroe


2020-06-19Add note about litterbox bot useJune McEnroe


2020-06-19Publish "IRC suite"June McEnroe


2020-06-17Add errors to link.shJune McEnroe