Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Lack of escaping on template import can lead to XSS exposure under 'midwinter' theme (CVE-2020-14424) #4261

merged 2 commits into from May 17, 2021


Copy link

No description provided.

Copy link

@netniV netniV left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As this relates to a change in a previous release, can you add it again to the CHANGELOG under the current version with the appropriate title?

@netniV netniV merged commit d12800a into Cacti:1.2.x May 17, 2021
@ddb4github ddb4github deleted the merge3628 branch May 18, 2021 08:48
@netniV netniV changed the title Fixed: Merge solution of #3628 to 'midwinter' theme(CVE-2020-14424) Lack of escaping on template import can lead to XSS exposure under 'midwinter' theme (CVE-2020-14424) Jul 4, 2021
@netniV netniV added this to the 1.2.18 milestone Jul 4, 2021
@github-actions github-actions bot locked and limited conversation to collaborators Oct 3, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
None yet
None yet

Successfully merging this pull request may close these issues.

None yet

2 participants