search

att / rcloud

Collaborative data analysis and visualization
http://rcloud.social
MIT License
429 stars 141 forks source link

XSS reflection vulnerabilities in notebook.R #2727

Closed gordonwoodhull closed 4 years ago

gordonwoodhull commented 4 years ago

Input could be crafted to notebook.R to produce pages that run JavaScript on the client computer.

gordonwoodhull commented 4 years ago

Fixed in eac16334e and released in 2.2.3