mirrors/CyberChef
1
0
Fork 0
mirror of https://github.com/gchq/CyberChef.git synced 2025-04-24 16:56:15 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fixed reflected XSS described in issue 1265

Browse source
This commit is contained in:
Alex Chambers_Jones 2021-10-29 17:59:02 +01:00
parent ae1b12c120
commit d2174725a9
3 changed files with 7 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/core/lib/Charts.mjs
View file

@ -6,6 +6,7 @@
*/
import OperationError from "../errors/OperationError.mjs";
import Utils from "../Utils.mjs";
/**
* @constant
@ -128,7 +129,7 @@ export function getScatterValuesWithColour(input, recordDelimiter, fieldDelimite
if (Number.isNaN(x)) throw new OperationError("Values must be numbers in base 10.");
if (Number.isNaN(y)) throw new OperationError("Values must be numbers in base 10.");
return [x, y, colour];
return [x, y, Utils.escapeHtml(colour)];
});
return { headings, values };