[PATCH] Fix potential XSS vulnerability in rename hint

larsh at hjemli.net larsh at hjemli.net
Fri Jul 22 14:25:21 CEST 2011

Previous message: [PATCH] Fix potential XSS vulnerability in rename hint
Next message: [PATCH 0/2] Compatibility fixes for non-Linux platforms
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jul 22, 2011 at 01:47:19PM +0200, Lukas Fleischer wrote:
> The file name displayed in the rename hint should be escaped to avoid
> XSS. Note that this vulnerability is only applicable when an attacker
> has gained push access to the repository.

Thanks, applied to stable.

--
larsh

Previous message: [PATCH] Fix potential XSS vulnerability in rename hint
Next message: [PATCH 0/2] Compatibility fixes for non-Linux platforms
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the CGit mailing list