Open gKelsoCsiro opened 3 days ago
Try the newest release 1.3.26 and let me know if the issue persists.
Hi there,
Many thanks for the prompt response.
I've updated to the latest release.
Behaviour is now the following:
We can now create a Vulnerability with the TAB character in it's title; however
Again, many thanks for the assistance thus far.
I think we got it everywhere now :) ... @gKelsoCsiro see if 1.3.27 fixes this last issue.
Description: The TAB character breaks the finding page when it's used as part of a Vulnerabilities name. This was found when copying a finding name from a MS Word template directly in.
POC: The following POST data when sent to http://localhost:9000/portal/updateVulnerability will cause the issue.
vulnid=12&title=This is a Test asdf&_token=75779572-290f-4d62-a0cf-7011e4b59fe7
Screenshot: The screenshot above shows the "You appear offline" popup and prevents interaction with the web browser.
Current work arounds:
Further details:
Commit hash: 137d9fa07262f18118fe3f7f8a726076c6a73e40 Branch name: main Date of checkout: 10/10/2024 - AEST (Australian Eastern Standard Time)
Other: Have tested using a container image hosted on *nix and Windows environments. Testing has confirmed issue in Ms Edge and Chromium.