Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE
rabbitmq-server.20991
fix-CVE-2021-32719.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File fix-CVE-2021-32719.patch of Package rabbitmq-server.20991
From f191414dbc2ca738f313bb31e432d57870922892 Mon Sep 17 00:00:00 2001 From: Patrik Ragnarsson <patrik@starkast.net> Date: Sat, 19 Jun 2021 09:23:12 +0200 Subject: [PATCH] Escape the consumer-tag value in federation mgmt Patches persistent XSS. --- .../priv/www/js/tmpl/federation-upstreams.ejs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deps/rabbitmq_federation_management/priv/www/js/tmpl/federation-upstreams.ejs b/deps/rabbitmq_federation_management/priv/www/js/tmpl/federation-upstreams.ejs index 5b3e14d0638..838eac1eb3b 100644 --- a/deps/rabbitmq_federation_management/priv/www/js/tmpl/federation-upstreams.ejs +++ b/deps/rabbitmq_federation_management/priv/www/js/tmpl/federation-upstreams.ejs @@ -45,7 +45,7 @@ <td class="r"><%= fmt_time(upstream.value['message-ttl'], 'ms') %></td> <td class="r"><%= fmt_string(upstream.value['ha-policy']) %></td> <td class="r"><%= fmt_string(upstream.value['queue']) %></td> - <td class="r"><%= upstream.value['consumer-tag'] %></td> + <td class="r"><%= fmt_string(upstream.value['consumer-tag']) %></td> </tr> <% } %> </tbody>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor