We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The 'SSH' Resource configuration form is susceptible to XSS via the 'Resource Name' parameter
POC: Create a SSH resource with the name: "><script>alert("TEST");</script>" Click on the resource in the Resources list menu, and observe the alert.
Resource Name field should be validated
If applicable, add screenshots to help explain your problem.
Include as many relevant details about the environment you experienced the problem in.
Add any other context about the problem here.
The text was updated successfully, but these errors were encountered:
Al2Klimov
Successfully merging a pull request may close this issue.
Describe the bug
The 'SSH' Resource configuration form is susceptible to XSS via the 'Resource Name' parameter
To Reproduce
POC: Create a SSH resource with the name: "><script>alert("TEST");</script>"
Click on the resource in the Resources list menu, and observe the alert.
Expected behavior
Resource Name field should be validated
Screenshots
If applicable, add screenshots to help explain your problem.
Your Environment
Include as many relevant details about the environment you experienced the problem in.
Additional context
Add any other context about the problem here.
The text was updated successfully, but these errors were encountered: