Mercurial > p > roundup > code
view website/issues/html/user.help.html @ 8062:28aa76443f58
fix(security): fix CVE-2024-39124, CVE-2024-39124, and CVE-2024-39125
Directions for fixing:
* `CVE-2024-39124`_ - :ref:`classhelpers (_generic.help.html) are
vulnerable to an XSS attack. <CVE-2024-39124>` Requires fixing
tracker homes.
* `CVE-2024-39125`_ - :ref:`if Referer header is set to a script
tag, it will be executed. <CVE-2024-39125>` Fixed in release 2.4.0,
directions available for fixing in prior versions.
* `CVE-2024-39126`_ - :ref:`PDF, XML and SVG files downloaded from
an issue can contain embedded JavaScript which is
executed. <CVE-2024-39126>` Fixed in release 2.4.0, directions
available for fixing in prior versions.
prior to 2.4.0 release this weekend that fixes the last two CVE's.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Tue, 09 Jul 2024 09:07:09 -0400 |
| parents | 7146b68ac263 |
| children |
line wrap: on
line source
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html tal:define="property request/form/property/value; qs request/env/QUERY_STRING; qs python:'&'.join([a for a in qs.split('&') if not a.startswith('@template=')]); form request/form/form/value; field request/form/property/value"> <head> <link rel="stylesheet" type="text/css" href="@@file/style.css" /> <meta http-equiv="Content-Type" tal:attributes="content string:text/html;; charset=${request/client/charset}" /> <tal:block tal:condition="python:'property' in request.form"> <title><tal:x i18n:translate=""><tal:x i18n:name="property" tal:content="property" i18n:translate="" /> help - <span i18n:name="tracker" tal:replace="config/TRACKER_NAME" /></tal:x></title> <script language="Javascript" type="text/javascript" tal:attributes="nonce request/client/client_nonce" tal:condition=false tal:content="string: // this is the name of the field in the original form that we're working on form = window.opener.document.${form}; field = '${field}';"> </script> <script src="@@file/help_controls.js" tal:attributes="nonce request/client/client_nonce" tal:condition=false type="text/javascript"><!-- //--></script> </tal:block> </head> <frameset rows="123,*,62"> <frame src="#" tal:attributes="src string:?@template=help-search&${qs}" name="search"> <!-- for search results: help-list --> <frame tal:attributes="src string:?@template=help-empty&${qs}" name="list"> <frame tal:attributes="src string:?@template=help-submit&${qs}" name="submit"> <!-- --> </frameset> <noframes> <body> <p i18n:translate=""> Your browser is not capable of using frames; you should be redirected immediately, or visit <a href="#" tal:attributes="href string:?${qs}&template=help-noframes" i18n:name="link">this link</a>. </p> </body> </noframes> </html>