Mercurial > p > roundup > code
annotate website/www/olderdocs.txt @ 8356:63390dcfcfe9
bug: fix template use of structure with untrusted data
Looks like an xSS bug with an early version of the template that was
fixed in the code but never in the deployed tracker. It has been a
while since this particular construct has been in the classic template
which is the base for the tracker.
This has been fixed on the deployed tracker as well.
reported by 4bug of ChaMd5 Security Team H1 Group
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Tue, 08 Jul 2025 10:23:09 -0400 |
| parents | 2ab234484708 |
| children |
| rev | line source |
|---|---|
|
7322
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
1 Other Docs |
|
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
2 ========== |
|
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
3 |
|
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
4 .. toctree:: |
|
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
5 :maxdepth: 2 |
|
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
6 |
|
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
7 docs/upgrading-history |
|
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
8 |
|
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
9 docs/tracker_templates |
|
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
10 |
|
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
11 Design Overview <docs/overview> |
|
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
12 Design (original) <docs/design> |
|
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
13 |
|
7787
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
7322
diff
changeset
|
14 Software Carpentry and Short Papers <docs/sc> |
|
2ab234484708
docs: add older docs and link them from a Sphinx controlled doc
John Rouillard <rouilj@ieee.org>
parents:
7322
diff
changeset
|
15 |
|
7322
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
16 docs/developers |
|
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
17 |
|
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
18 Notes about the MySQL Database backend <docs/mysql> |
|
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
19 Notes about the PostgreSQL Database backend <docs/postgresql> |
|
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
20 |
|
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
21 Richard Jones implementation notes <docs/implementation> |
|
485cecfba982
Simplify TOC; older docs pushed a level down; Consolidate debugging
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
22 docs/security-history |