Skip to content
Permalink
Browse files Browse the repository at this point in the history
fix: [security] Stored XSS when viewing galaxy cluster relationships
- As reported by Dawid Czarnecki
  • Loading branch information
mokaddem committed Jul 29, 2021
1 parent f318f7c commit af50add
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions app/View/Elements/GalaxyClusters/view_relation_tree.ctp
Expand Up @@ -299,7 +299,7 @@ $randomClass = "relation-{$random}";
.attr("class", "well well-small")
.style('padding', '4px 9px')
.style('white-space', 'nowrap')
.html(function(d) { return d.Relation.referenced_galaxy_cluster_type; })
.text(function(d) { return d.Relation.referenced_galaxy_cluster_type; })

paddingX = 8;
gEnter.append("foreignObject")
Expand All @@ -319,7 +319,7 @@ $randomClass = "relation-{$random}";
.style('background-color', tag.colour)
.style('color', getTextColour(tag.colour))
.style('display', 'inline')
.html(tag.name)
.text(tag.name)
});
}
});
Expand Down

0 comments on commit af50add

Please sign in to comment.