graphite-project / graphite-web

A highly scalable real-time graphing system
http://graphite.readthedocs.org/
Apache License 2.0
5.88k stars 1.26k forks

Fix XSS in some dashboards queries #2785

Closed msaf1980 closed 1 year ago

msaf1980 commented 1 year ago

Fixes XSS in some dashboards queries: issue #2744, issue #2745

Also fix: issue #2746

risicle commented 1 year ago

It would be nice to have a release incorporating this as it has now been indicated in 3 different CVEs: CVE-2022-4730, CVE-2022-4729 & CVE-2022-4728.

deniszh commented 1 year ago

Agreed, will do release soon

deniszh commented 1 year ago

💚 All backports created successfully

Status Branch Result
✅ 1.1.x
