Bug #824

App.kit is not filtering everything

Added by jhein over 3 years ago. Updated over 3 years ago.

Status:ResolvedStart date:09/26/2010
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:-
Target version:-
Icinga Version: DB Type:
Icinga Web Version: DB Version:
IDO Version: Browser Version:
OS Version:

Description

Hi all

The demo let's me alter the language preferences to an unknown language.

AppKit.setPreferences({"org.icinga.appkit.locale":"'';<!--\"<script>alert(document.cookie);<\/script>"

Best regards,

Hans

Associated revisions

Revision 5337f9eb
Added by mhein over 3 years ago

  • Disabled free edit of language preference (fixes #824)

History

#1 Updated by mhein over 3 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

Also available in: Atom PDF