aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/plugin/apcups.json
diff options
context:
space:
mode:
authorNicolas Iooss2014-06-24 20:23:47 +0200
committerPim van den Berg2014-06-30 20:38:32 +0200
commit371e30a14aa51da456605ec4f5a5d37b5a3bd8e8 (patch)
tree580166cdf9564700cccb26c01f50d8754d5672b9 /plugin/apcups.json
parentjsrrdgraph: Fix graph width to look like rrdtool. (diff)
downloadapt-panopticon_cgp-371e30a14aa51da456605ec4f5a5d37b5a3bd8e8.zip
apt-panopticon_cgp-371e30a14aa51da456605ec4f5a5d37b5a3bd8e8.tar.gz
apt-panopticon_cgp-371e30a14aa51da456605ec4f5a5d37b5a3bd8e8.tar.bz2
apt-panopticon_cgp-371e30a14aa51da456605ec4f5a5d37b5a3bd8e8.tar.xz
Escape HTML in GET-provided hostname
A malicious user can enter javascript code in "h" GET parameter and this code gets executed because this parameter is copied in the HTML output without any escaping. This patch escape the output before it is checked it is valid.
Diffstat (limited to 'plugin/apcups.json')
0 files changed, 0 insertions, 0 deletions