mirrors/CyberChef
1
0
Fork 0
mirror of https://github.com/gchq/CyberChef.git synced 2025-04-23 00:06:17 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix XSS for To Table operation and Magic button

Browse source
This commit is contained in:
j433866 2019-01-31 15:18:37 +00:00
parent 6f8a5ea1be
commit 8b44927cb6
2 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/core/operations/ToTable.mjs
View file

@ -57,7 +57,7 @@ class ToTable extends Operation {
const [cellDelims, rowDelims, firstRowHeader, format] = args;
// Process the input into a nested array of elements.
const tableData = Utils.parseCSV(input, cellDelims.split(""), rowDelims.split(""));
const tableData = Utils.parseCSV(Utils.escapeHtml(input), cellDelims.split(""), rowDelims.split(""));
if (!tableData.length) return "";