cerebrate-project
/
cerebrate
mirror of https://github.com/cerebrate-project/cerebrate
1
0
Fork 0
Code Issues Releases Wiki Activity
cerebrate/templates/element/genericElements
History
iglocska 495c4ee93c
fix: [security] XSS in the generic action template 
- a previously assumed internal url can have user input appended via the MISP local tool connector
- requires a compromised connected MISP instance where a malicious administrator modifies the UUIDs of cerebrate relevant objects to JS payloads

- as reported by Dawid Czarcnecki of Zigrin Security
 		2022-02-20 12:07:06 +01:00
..
Configuration wip: initial connectors 2021-04-30 23:59:53 +02:00
Form fix: [security] genericForm reflected XSS in form descriptions for user controlled descriptions 2022-02-03 23:56:23 +01:00
IndexTable fix: [security] XSS in the generic action template 2022-02-20 12:07:06 +01:00
ListTopBar fix: [users:view] Correctly reload authkey child panel when performing operations 2022-01-27 10:21:55 +01:00
MetaTemplates chg: [metaTemplates] Outline default template 2020-12-10 17:46:16 +01:00
SingleViews new: [encryption key] view added 2022-01-17 09:45:45 +01:00
accordion_scaffold.php chg: [bootstrap] Migrated APP to use bootstrap v5.x 2021-09-17 13:04:37 +02:00
codemirror.php fix: [genericElement:codemirror] Catch if no data for codemirror are passed 2021-07-07 15:02:48 +02:00
genericModal.php chg: [bootstrap] Migrated APP to use bootstrap v5.x 2021-09-17 13:04:37 +02:00
header_scaffold.php chg: [bootstrap] Migrated APP to use bootstrap v5.x 2021-09-17 13:04:37 +02:00
index_simple.php chg: [genericTemplate:index_simple] Moved file to element 2021-06-12 11:59:40 +02:00
side_menu_dropdown_scaffold.php chg: [bootstrap] Migrated APP to use bootstrap v5.x 2021-09-17 13:04:37 +02:00
side_menu_scaffold.php chg: [bootstrap] Migrated APP to use bootstrap v5.x 2021-09-17 13:04:37 +02:00