Open elongstreet88 opened 8 months ago
Fixes https://github.com/billchurch/webssh2/issues/345
http://localhost:2222/ssh/host/mydevice.local?header=<img src=x onerror=alert('XSS')>
Before:
After:
Note - This could be breaking if someone is using the header for HTML rendering; however, I would say this is still justified.
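The `header` parameter behaviour this PR describes, as an added example (not code from webssh2; the function names and the `<div id="header">` wrapper are assumptions): the same query value interpolated as markup, then HTML-escaped so it renders as text, which is one way to get the "After" behaviour.

```javascript
// Added illustration, not webssh2 code. All function names are hypothetical.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the five characters that can change HTML parsing context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Pull the header query parameter out of a request URL (percent-decoded).
function headerFromUrl(requestUrl) {
  return new URL(requestUrl).searchParams.get('header') || '';
}

// "Before": the parameter is treated as markup, so tags in it become elements.
function renderHeaderUnsafe(headerText) {
  return `<div id="header">${headerText}</div>`;
}

// "After": the parameter is treated as text; tags are displayed, not parsed.
function renderHeaderSafe(headerText) {
  return `<div id="header">${escapeHtml(headerText)}</div>`;
}

// Check used below: does anything inside the wrapper still parse as a tag?
function containsInjectedMarkup(html) {
  const inner = html.replace(/^<div id="header">/, '').replace(/<\/div>$/, '');
  return /<[a-zA-Z!\/]/.test(inner);
}

// The URL from the PR description, used as sample input.
const sampleUrl =
  "http://localhost:2222/ssh/host/mydevice.local?header=<img src=x onerror=alert('XSS')>";

const header = headerFromUrl(sampleUrl);
console.log('unsafe:', renderHeaderUnsafe(header));
console.log('safe:  ', renderHeaderSafe(header));
console.log('markup survives escaping:', containsInjectedMarkup(renderHeaderSafe(header)));
```

In a browser, assigning the value through `textContent` instead of `innerHTML` has the same effect without a hand-written escaper.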
Kudos, SonarCloud Quality Gate passed!
0 Bugs 0 Vulnerabilities 0 Security Hotspots 0 Code Smells
No Coverage information No Duplication information