Mercurial > p > roundup > code
view website/issues/html/_generic.help-list.html @ 8062:28aa76443f58
fix(security): fix CVE-2024-39124, CVE-2024-39124, and CVE-2024-39125
Directions for fixing:
* `CVE-2024-39124`_ - :ref:`classhelpers (_generic.help.html) are
vulnerable to an XSS attack. <CVE-2024-39124>` Requires fixing
tracker homes.
* `CVE-2024-39125`_ - :ref:`if Referer header is set to a script
tag, it will be executed. <CVE-2024-39125>` Fixed in release 2.4.0,
directions available for fixing in prior versions.
* `CVE-2024-39126`_ - :ref:`PDF, XML and SVG files downloaded from
an issue can contain embedded JavaScript which is
executed. <CVE-2024-39126>` Fixed in release 2.4.0, directions
available for fixing in prior versions.
prior to 2.4.0 release this weekend that fixes the last two CVE's.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Tue, 09 Jul 2024 09:07:09 -0400 |
| parents | 7146b68ac263 |
| children | 2af261671cd0 |
line wrap: on
line source
<!-- vim: sw=2 ts=8 et --> <html tal:define="vok context/is_view_ok"> <head> <title>Search result for user helper</title> <link rel="stylesheet" type="text/css" href="@@file/style.css" /> <script language="Javascript" type="text/javascript" tal:attributes="nonce request/client/client_nonce" tal:content="string: // this is the name of the field in the original form that we're working on form = parent.opener.document.${request/form/form/value}; field = '${request/form/property/value}';"></script> <script src="@@file/help_controls.js" tal:attributes="nonce request/client/client_nonce" type="text/javascript"></script> <script type="text/javascript" tal:attributes="nonce request/client/client_nonce"><!-- var text_field = parent.submit.document.frm_help.text_preview; //--></script> </head> <body> <pre tal:content="request/env/QUERY_STRING" tal:condition=false /> <p tal:condition="not:vok" i18n:translate="">You are not allowed to view this page.</p> <tal:if condition="context/is_view_ok"> <tal:def define="batch request/batch;"> <form name=dummyform> <table width="100%" tal:define="template string:help-list" metal:use-macro="templates/help/macros/batch_navi" > <tr class="navigation"> <th> <a href="#"><< previous</a> </th> <th i18n:translate="">1..25 out of 50 </th> <th> <a href="#">next >></a> </th> </tr> </table> <form name=dummyform> <table class="classhelp" tal:define=" props python:request.form['properties'].value.split(','); legend templates/help/macros/legend; "><thead> <tr metal:use-macro="legend"> <th> <b>x</b></th> <th tal:repeat="prop props" tal:content="prop" i18n:translate=""></th> </tr> </thead> <tfoot tal:condition=true> <tr metal:use-macro="legend" /> </tfoot> <tbody> <tr tal:repeat="item batch"> <tal:block tal:define="attr python:item[props[0]]" > <td> <input name="check" onclick="switch_val(text_field, this);" type="checkbox" tal:attributes="value attr; id string:id_$attr" /> </td> <td tal:repeat="prop props"> <label class="classhelp-label" tal:attributes="for string:id_$attr" tal:content="python:item[prop]"></label> </td> </tal:block> </tr> </tbody> </table> </form> </tal:def> </tal:if> <pre tal:content=request tal:condition=false /> <script type="text/javascript" tal:attributes="nonce request/client/client_nonce"><!-- parent.submit.document.frm_help.cb_listpresent.checked=true; reviseList_framed(document.dummyform, text_field) //--></script> </body> </html> <!-- SHA: 7581a18984d95c2c415df046cfbdda73ad95651e -->