Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Single quotes not escaped. #5

Closed
thezim opened this issue Sep 9, 2015 · 2 comments
Closed

Single quotes not escaped. #5

thezim opened this issue Sep 9, 2015 · 2 comments
Labels
jackleg

Comments

@thezim
Copy link
Owner

thezim commented Sep 9, 2015

I found when doing:

Get-Content -Path .\stig.ckl | ConvertTo-Json -depth 4

That the single quotes are getting messed up. The stigviewer generated the stig.ckl file but failed to escape the single quote characters as it should have to be compliant with the XML standard. Exporting of the data from the module will cause display issues if this is not fixed. I'm on the fence with this one as it is a garbage in garbage out thing. Will have to test if the stigviewer builtin checklist exports to CSV generates the same mangled characters.
@thezim
Copy link
Owner Author

thezim commented Sep 9, 2015

This will demonstrate the issue.

(Get-Checklist -Path .\stig.ckl).Vulnerabilities[13].Data.VulnDiscuss

Security is everyone’s responsibility

@thezim
Copy link
Owner Author

thezim commented Sep 9, 2015

Will need to see if user input (Comments field) from stigviewer is not getting escaped as well.

@thezim thezim added the jackleg label Sep 9, 2015
@thezim thezim closed this as completed in 2a280db Sep 10, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
jackleg
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@thezim