cerebrate-project
/
cerebrate
mirror of https://github.com/cerebrate-project/cerebrate
1
0
Fork 0
Code Issues Releases Wiki Activity
cerebrate/templates/element
History
iglocska 495c4ee93c
fix: [security] XSS in the generic action template 
- a previously assumed internal url can have user input appended via the MISP local tool connector
- requires a compromised connected MISP instance where a malicious administrator modifies the UUIDs of cerebrate relevant objects to JS payloads

- as reported by Dawid Czarcnecki of Zigrin Security
 		2022-02-20 12:07:06 +01:00
..
Settings fix: [settings:settingField] Enforce sanitization of input fields 2022-02-07 11:43:09 +01:00
UserSettings new: [userSettings] Added complete support of user settings 2021-10-18 13:28:26 +02:00
charts chg: [instance:home] Slightly improved UI 2021-09-18 10:22:59 +02:00
flash chg: [elements:flash] Support of toast for flash messages 2021-10-04 13:06:12 +02:00
genericElements fix: [security] XSS in the generic action template 2022-02-20 12:07:06 +01:00
layouts fix: [userSettings] Perform URI validation for bookmarks 2022-02-07 10:48:55 +01:00
widgets chg: [ui:home] Nicer icons and layout 2021-10-18 14:59:18 +02:00
footer.php chg: [restructure] the application 2020-06-22 14:28:17 +02:00
header.php chg: [restructure] the application 2020-06-22 14:28:17 +02:00
side_menu.php new: [UI] made the side menu responsive, fixes #16 2020-06-23 13:05:08 +02:00