gchq / CyberChef

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
https://gchq.github.io/CyberChef
Apache License 2.0
28.66k stars 3.22k forks

Misc: CyberChef depends on a vulnerable version of Bootstrap #1907

Open mhassan1 opened 2 weeks ago

mhassan1 commented 2 weeks ago

CyberChef depends on Bootstrap v4, which has a couple of XSS vulnerabilities that won't get fixed (https://github.com/twbs/bootstrap/issues/40765#issuecomment-2306988034).

I think there are a few options:

  1. ignore this
  2. upgrade to Bootstrap v5
  3. find or create a fork of Bootstrap v4 with the vulnerabilities fixed