search

NASA-PDS / portal-tasks

PDS Portal tasks repo used to track update requests for the website. Actual code and website are managed in separate private repo
https://pds.nasa.gov
0 stars 0 forks source link

Possible XSS vulnerability on data set view pages #54

Closed jordanpadams closed 1 year ago

jordanpadams commented 1 year ago

🐛 Describe the bug

Potential for XSS at on data set view page

⚙️ Engineering Details

This may not be an actual vulnerability, but we want to make sure this could not enable access to database or other internal resources

See email discussion for more details

jordanpadams commented 1 year ago

@acyu-jpl has addressed most of this and PR is up on internal JPL repo. now on gamma for testing

jordanpadams commented 1 year ago

Status: Changes have been merged. Deployed to ops.