Skip to content

Commit

Permalink
Possible issuer XSS attack
Browse files Browse the repository at this point in the history
  • Loading branch information
@Levminer
Levminer committed Dec 17, 2021
1 parent e6c0c24 commit 0eb781e
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 2 deletions.
4 changes: 3 additions & 1 deletion app/edit/src/js/index.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -178,7 +178,7 @@ const go = () => {
div.innerHTML = `
<div id="grid${[counter]}" class="flex flex-col md:w-4/5 lg:w-2/3 mx-auto rounded-2xl bg-gray-800 mb-20">
<div class="flex justify-center items-center">
<h2>${issuers[counter]}</h2>
<h2 id="names${[counter]}">Name</h2>
</div>
<div class="flex justify-center items-center">
<input class="input w-[320px]" type="text" id="edit_inp_${[counter]}" value="${names[counter]}" readonly/>
Expand All @@ -201,6 +201,8 @@ const go = () => {
div.setAttribute("id", counter)
codes_container.appendChild(div)

document.querySelector(`#names${[counter]}`).textContent = `${issuers[counter]}`

counter++
}

Expand Down
4 changes: 3 additions & 1 deletion app/settings/src/js/shortcuts.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -494,7 +494,7 @@ const generateCodes = () => {
const element = `
<div class="flex flex-col md:w-4/5 lg:w-2/3 mx-auto rounded-2xl bg-gray-800 mb-20">
<div class="flex justify-center items-center">
<h3>${issuers[i]}</h3>
<h3 id="issuers${i}">Shortcut</h3>
</div>
<div class="flex justify-center items-center">
<input class="input" disabled type="text" id="qs${i}_input" value="${content}"/>
Expand All @@ -517,6 +517,8 @@ const generateCodes = () => {
const div = document.createElement("div")
div.innerHTML = element
document.querySelector(".quick").appendChild(div)

document.querySelector(`#issuers${i}`).textContent = `${issuers[i]}`
}
}

Expand Down

0 comments on commit 0eb781e

Please sign in to comment.