mirror of https://github.com/MISP/MISP
Fix to a security issue in the PGP fetching tool
- reported by RichieB2B - The scraped URL for the PGP fetching tool was not sanitised before being echoedpull/727/head
parent
596ec80ac9
commit
c46922be12
|
@ -1 +1 @@
|
|||
{"major":2, "minor":3, "hotfix":153}
|
||||
{"major":2, "minor":3, "hotfix":155}
|
|
@ -9,9 +9,9 @@
|
|||
</tr>
|
||||
<?php foreach ($keys as $k => $key): ?>
|
||||
<tr style="border-bottom:1px solid black;" class="templateChoiceButton">
|
||||
<td style="padding-left:10px; text-align:left;width:20%;" title="<?php echo h($key['fingerprint']); ?>" onClick="pgpChoiceSelect('<?php echo $key['uri']; ?>')"><?php echo h($key['key_id']); ?></td>
|
||||
<td style="text-align:left;width:20%;" title="<?php echo h($key['fingerprint']); ?>" onClick="pgpChoiceSelect('<?php echo $key['uri']; ?>')"><?php echo h($key['date']); ?></td>
|
||||
<td style="padding-right:10px; text-align:left;width:60%;" title="<?php echo h($key['fingerprint']); ?>" onClick="pgpChoiceSelect('<?php echo $key['uri']; ?>')"><?php echo nl2br(h($key['address'])); ?></td>
|
||||
<td style="padding-left:10px; text-align:left;width:20%;" title="<?php echo h($key['fingerprint']); ?>" onClick="pgpChoiceSelect('<?php echo h($key['uri']); ?>')"><?php echo h($key['key_id']); ?></td>
|
||||
<td style="text-align:left;width:20%;" title="<?php echo h($key['fingerprint']); ?>" onClick="pgpChoiceSelect('<?php echo h($key['uri']); ?>')"><?php echo h($key['date']); ?></td>
|
||||
<td style="padding-right:10px; text-align:left;width:60%;" title="<?php echo h($key['fingerprint']); ?>" onClick="pgpChoiceSelect('<?php echo h($key['uri']); ?>')"><?php echo nl2br(h($key['address'])); ?></td>
|
||||
</tr>
|
||||
<?php endforeach; ?>
|
||||
</table>
|
||||
|
|
Loading…
Reference in New Issue