Fix potential XSS vulnerability in rename hint - cgit-pink

diff options

author	Lukas Fleischer <cgit@cryptocrack.de>	2011-07-22 13:47:19 +0200
committer	Lars Hjemli <hjemli@gmail.com>	2011-07-22 12:21:28 +0000
commit	bebe89d7c11a92bf206bf6e528c51ffa8ecbc0d5 (patch)
tree	33e28db20cbae2aa513ccec38c7d4706654eed46 /ui-shared.h
parent	Remove dead initialization in cgit_parse_commit() (diff)
download	cgit-pink-bebe89d7c11a92bf206bf6e528c51ffa8ecbc0d5.tar.gz cgit-pink-bebe89d7c11a92bf206bf6e528c51ffa8ecbc0d5.zip

Fix potential XSS vulnerability in rename hint

The file name displayed in the rename hint should be escaped to avoid
XSS. Note that this vulnerability is only applicable when an attacker
has gained push access to the repository.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>

Diffstat (limited to 'ui-shared.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: