]> gitweb.ps.run Git - ps-cgit/commitdiff
projects / ps-cgit / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from: bebe89d)
Fix potential XSS vulnerability in rename hint
authorLukas Fleischer <cgit@cryptocrack.de>
Fri, 22 Jul 2011 11:47:19 +0000 (13:47 +0200)
committerLars Hjemli <hjemli@gmail.com>
Fri, 22 Jul 2011 12:21:28 +0000 (12:21 +0000)
The file name displayed in the rename hint should be escaped to avoid
XSS. Note that this vulnerability is only applicable when an attacker
has gained push access to the repository.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>

No differences found
Unnamed repository; edit this file 'description' to name the repository.