EarthSystemCoG / COG

COG source code
BSD 3-Clause "New" or "Revised" License

Third party filebrowser subject to path manipulation #1330

Closed LucaCinquini closed 7 years ago

LucaCinquini commented 7 years ago

Who: NOAA security scan

The third-party filebrowser software that is used in CoG is susceptible to file path manipulation attacks in its open() and save() methods.

LucaCinquini commented 7 years ago

Those methods have been wrapped in a "validate_path()" method that checks for the presence of the infamous "." character.
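A root-containment form of such a path check, added here as an example and not code from the CoG project or its filebrowser: the `FILEBROWSER_ROOT` value, the `validate_path()` signature and the `is_safe_path()`/`safe_open()` helpers are assumptions, and requested paths are assumed to be relative to the filebrowser root.

```python
"""Root-containment check for a filebrowser (added example, not CoG code).

Assumptions: FILEBROWSER_ROOT is a hypothetical setting, and paths handed to
the filebrowser's open()/save() are relative to that root.
"""
import os

FILEBROWSER_ROOT = "/srv/cog/filebrowser"  # hypothetical root directory


class InvalidPath(ValueError):
    """Raised when a requested path would resolve outside the filebrowser root."""


def validate_path(requested: str, root: str = FILEBROWSER_ROOT) -> str:
    """Return the canonical absolute path for `requested`, or raise InvalidPath.

    Rather than looking for a particular character, this resolves the path
    (collapsing '.', '..' and symlinks) and requires the result to stay under
    `root`, so 'docs/./a.txt' is accepted while 'docs/../../etc/passwd' is not.
    """
    if "\x00" in requested:
        raise InvalidPath("NUL byte in requested path")
    root_real = os.path.realpath(root)
    # Treat the request as root-relative even if it arrives with a leading '/'.
    relative = requested.lstrip("/\\")
    candidate = os.path.realpath(os.path.join(root_real, relative))
    # commonpath() compares whole components, so a sibling directory such as
    # '/srv/cog/filebrowser-old' is not mistaken for being inside the root.
    if os.path.commonpath([root_real, candidate]) != root_real:
        raise InvalidPath(f"path escapes filebrowser root: {requested!r}")
    return candidate


def is_safe_path(requested: str, root: str = FILEBROWSER_ROOT) -> bool:
    """Boolean form of validate_path() for callers that prefer not to catch."""
    try:
        validate_path(requested, root)
        return True
    except InvalidPath:
        return False


def safe_open(requested: str, mode: str = "r", root: str = FILEBROWSER_ROOT):
    """open() guarded by validate_path(); a save() wrapper works the same way."""
    return open(validate_path(requested, root), mode)
```

Because the comparison is made on the resolved path, a symlink inside the root that points outside it is rejected as well, which a character-based check cannot see.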

murphysj commented 7 years ago

Verified by code review.