linuxserver/Heimdall
1
0
Fork 0
mirror of https://github.com/linuxserver/Heimdall.git synced 2026-02-21 20:20:34 +09:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

fix: Escape app title and tag title on list pages CVE-2022-47968 (#1088)

Browse Source
This commit is contained in:
Attila Kerekes
2023-01-05 19:31:15 +00:00
committed by GitHub
parent cd07d47445
commit a4022ce517
5 changed files with 27 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
resources/views/items/scripts.blade.php
View File

@@ -31,13 +31,13 @@
}
});
// initial load
$('#tile-preview .title').html($('#appname').val());
$('#tile-preview .title').text($('#appname').val());
$('#tile-preview .item').css('backgroundColor', $('#appcolour').val());
$('#tile-preview .app-icon').attr('src', $('#appimage img').attr('src'));
// Updates
$('#appname').on('keyup change', function(e) {
$('#tile-preview .title').html($(this).val());
$('#tile-preview .title').text($(this).val());
})
$('#apptype').on('change', function(e) {
appload($(this).find('option:selected').val());
@@ -178,7 +178,7 @@
if($('#appname').val() === '') {
$('#appname').val(data.name)
}
$('#tile-preview .title').html($('#appname').val());
$('#tile-preview .title').text($('#appname').val());
if(data.custom != null) {
$.get(base+'view/'+data.custom, function(getdata) {
$('#sapconfig').html(getdata).show();