NeoAnd/netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2026-01-15 08:12:18 -06:00
Code Issues Actions 13 Packages Projects Releases Wiki Activity

Fixes #20009: Fix DOM-based XSS vulnerability in search export functionality

Browse Source 
Replace direct string concatenation with URLSearchParams to properly
encode user input in export link URLs, preventing injection of malicious
parameters or scripts through the search functionality.

Resolves CodeQL Alert #63 (js/xss-through-dom)
This commit is contained in:
Jason Novinger
2025-08-01 15:14:09 -05:00
committed by Jeremy Stretch
parent bb83187505
commit 2c09973e01
3 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
netbox/project-static/dist/netbox.js vendored
View File

File diff suppressed because one or more lines are too long