Quick Links

[pgAdmin4][Patch]: RM 1527: XSS vulnerabilities

From:	Khushboo Vashi <khushboo(dot)vashi(at)enterprisedb(dot)com>
To:	pgadmin-hackers <pgadmin-hackers(at)postgresql(dot)org>
Subject:	[pgAdmin4][Patch]: RM 1527: XSS vulnerabilities
Date:	2016-08-05 09:31:52
Message-ID:	CAFOhELde+D1fo__aTwU8GfoLRsXZTyixb7gngZHmo-_ByaQBrQ@mail.gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgadmin-hackers

Hi,

Please find the attached patch to fix the RM 1527: XSS vulnerabilities.

Fixed items:

1. Tree Node labels while loading, adding and updating the node
2. Error and Success messages of Alertify dialogue
3. Properties dialogue: un-editable controls
4. SQL Editor title

Please review the patch and let me know if I missed something.

Thanks,
Khushboo

Attachment	Content-Type	Size
RM_1527.patch	text/x-patch	4.4 KB

Responses

Re: [pgAdmin4][Patch]: RM 1527: XSS vulnerabilities at 2016-08-05 11:20:08 from Dave Page

Browse pgadmin-hackers by date

	From	Date	Subject
Next Message	Dave Page	2016-08-05 11:20:03	pgAdmin 4 commit: Fix various escaping issues. Fixes #1527
Previous Message	Dave Page	2016-08-04 15:34:54	Re: [pgAdmin4][Patch]: RM1397 - File upload not working in File Manager in pgAdmin4 Runtime