http://hg.code.sf.net:8000/p/roundup/code/atom-log/tip/website/issues/html/msg.item.html Mercurial Repository: p/roundup/code: website/issues/html/msg.item.html history 2025-07-11T19:30:27-04:00

bug(security): CVE-2025-53865 - XSS bug http://hg.code.sf.net:8000/p/roundup/code/#changeset-4ac0bbb3e440678d1f591777ceb5b43e360d3d25 John Rouillard rouilj@ieee.org 2025-07-11T19:30:27-04:00 2025-07-11T19:30:27-04:00
changeset 4ac0bbb3e440
branch
bookmark
tag
user John Rouillard <rouilj@ieee.org>
description bug(security): CVE-2025-53865 - XSS bug

Extensive fixes in devel, responsive templates known to be
exploitable.

Similar constructs in classic and minimal templates not known
to be exploitable, but changed anyway.

doc/upgrading.txt:

Reformat to 66 characters.

Update with assigned CVE number.

Add section on fixing tal:replace with unsafe data.

Document analysis and assumptions in comment in file.

doc/security.txt:

Update with CVE number.
files
Adding @csrf tokens to all forms using post method. http://hg.code.sf.net:8000/p/roundup/code/#changeset-f63a2b15e6282e1b0b55d3b178ce4a3dbacaac83 John Rouillard rouilj@ieee.org 2017-09-24T21:17:51-04:00 2017-09-24T21:17:51-04:00
changeset f63a2b15e628
branch
bookmark
tag
user John Rouillard <rouilj@ieee.org>
description Adding @csrf tokens to all forms using post method.
files
[website] svn repository setup http://hg.code.sf.net:8000/p/roundup/code/#changeset-c2d0d3e9099db60e3178bfd953f6443bb3ba9f9e Stefan Seefeld stefan@users.sourceforge.net 2009-02-06T13:16:31+00:00 2009-02-06T13:16:31+00:00
changeset c2d0d3e9099d
branch website
bookmark
tag
user Stefan Seefeld <stefan@users.sourceforge.net>
description svn repository setup
files