Fix security vulnerability in file manager allowing XSS attack
parent
cd7ec731dc
commit
06ff76e2e9
7 changed files with 25 additions and 10 deletions
11
CHANGELOG.md
11
CHANGELOG.md
|
@ -3,6 +3,17 @@ This file is a running track of new features and fixes to each version of the pa
|
|||
|
||||
This project follows [Semantic Versioning](http://semver.org) guidelines.
|
||||
|
||||
## v0.7.14 (Derelict Dermodactylus)
|
||||
### Fixed
|
||||
* **[SECURITY]** Fixes an XSS vulnerability when performing certain actions in the file manager.
|
||||
|
||||
### Changed
|
||||
* Support for setting a node to listen on ports lower than 1024.
|
||||
* Regenerated database passwords now respect the same settings that were used when initially created.
|
||||
* Cleaned up 2FA QR code generation to use a more up-to-date library and API.
|
||||
* Console charts now properly start at 0 and scale based on server configuration. No more crazy spikes that
|
||||
are due to a change of one unit.
|
||||
|
||||
## v0.7.13 (Derelict Dermodactylus)
|
||||
### Fixed
|
||||
* Fixes a bug with the location update API endpoint throwing an error due to an unexected response value.
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
[![Logo Image](https://cdn.pterodactyl.io/logos/Banner%20Logo%20Black@2x.png)](https://pterodactyl.io)
|
||||
[![Logo Image](https://cdn.pterodactyl.io/logos/new/pterodactyl_logo.png)](https://pterodactyl.io)
|
||||
|
||||
[![Build status](https://img.shields.io/travis/pterodactyl/panel/develop.svg?style=flat-square)](https://travis-ci.org/pterodactyl/panel)
|
||||
[![StyleCI](https://styleci.io/repos/47508644/shield?branch=develop)](https://styleci.io/repos/47508644)
|
||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -29,6 +29,10 @@ class ActionsClass {
|
|||
this.element = undefined;
|
||||
}
|
||||
|
||||
sanitizedString(value) {
|
||||
return $('<div>').text(value).html();
|
||||
}
|
||||
|
||||
folder(path) {
|
||||
let inputValue
|
||||
if (path) {
|
||||
|
@ -296,7 +300,7 @@ class ActionsClass {
|
|||
swal({
|
||||
type: 'warning',
|
||||
title: '',
|
||||
text: 'Are you sure you want to delete <code>' + delName + '</code>?',
|
||||
text: 'Are you sure you want to delete <code>' + this.sanitizedString(delName) + '</code>?',
|
||||
html: true,
|
||||
showCancelButton: true,
|
||||
showConfirmButton: true,
|
||||
|
@ -394,7 +398,7 @@ class ActionsClass {
|
|||
let formattedItems = "";
|
||||
let i = 0;
|
||||
$.each(selectedItems, function(key, value) {
|
||||
formattedItems += ("<code>" + value + "</code>, ");
|
||||
formattedItems += ("<code>" + this.sanitizedString(value) + "</code>, ");
|
||||
i++;
|
||||
return i < 5;
|
||||
});
|
||||
|
@ -407,7 +411,7 @@ class ActionsClass {
|
|||
swal({
|
||||
type: 'warning',
|
||||
title: '',
|
||||
text: 'Are you sure you want to delete the following files: ' + formattedItems + '?',
|
||||
text: 'Are you sure you want to delete the following files: ' + this.sanitizedString(formattedItems) + '?',
|
||||
html: true,
|
||||
showCancelButton: true,
|
||||
showConfirmButton: true,
|
||||
|
@ -536,7 +540,7 @@ class ActionsClass {
|
|||
type: 'error',
|
||||
title: 'Whoops!',
|
||||
html: true,
|
||||
text: error
|
||||
text: this.sanitizedString(error)
|
||||
});
|
||||
});
|
||||
}
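Review bot: In the `$.each(selectedItems, function(key, value) {` loop of the 394-398 hunk, `this` is not the ActionsClass instance — jQuery calls a plain `function` callback with `this` bound to the current item — so `this.sanitizedString(value)` throws a TypeError and the multi-file delete confirmation never opens. The file already uses class syntax, so an arrow function keeps the lexical `this`: `$.each(selectedItems, (key, value) => {`. The 407-411 hunk then escapes `formattedItems` a second time, which turns the `<code>` wrapper the loop itself adds (and any name already escaped in the loop) into literal text; once the per-item escaping works, that line should go back to `text: 'Are you sure you want to delete the following files: ' + formattedItems + '?',`. The callback enclosing the 536-540 hunk starts outside the hunk; if it is also a plain `function`, `this.sanitizedString(error)` there has the same binding problem — worth confirming.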
|
||||
|
|
|
@ -62,7 +62,7 @@ class ContextMenuClass {
|
|||
|
||||
if (Pterodactyl.permissions.createFiles) {
|
||||
buildMenu += '<li class="divider"></li> \
|
||||
<li data-action="file"><a href="/server/'+ Pterodactyl.server.uuidShort +'/files/add/?dir=' + newFilePath + '" class="text-muted"><i class="fa fa-fw fa-plus"></i> New File</a></li> \
|
||||
<li data-action="file"><a href="/server/'+ Pterodactyl.server.uuidShort +'/files/add/?dir=' + $('<div>').text(newFilePath).html() + '" class="text-muted"><i class="fa fa-fw fa-plus"></i> New File</a></li> \
|
||||
<li data-action="folder"><a tabindex="-1" href="#"><i class="fa fa-fw fa-folder"></i> New Folder</a></li>';
|
||||
}
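Review bot: The escaping added on the `New File` link line covers only text-node characters (`<`, `>`, `&`); `$('<div>').text(...).html()` leaves `"` untouched, so the value still lands unescaped inside a double-quoted `href` attribute, and it is a URL query parameter in any case, which is a different context from HTML text. The appropriate primitive for a `?dir=` value is URL encoding, which also makes it attribute-safe: `'/files/add/?dir=' + encodeURIComponent(newFilePath) + '" class="text-muted">'`. `newFilePath` is assigned outside the hunk, and this assumes the receiving route reads the decoded query parameter — confirm before switching.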
|
||||
|
||||
|
|
|
@ -44,7 +44,7 @@
|
|||
{!! Theme::js('vendor/lodash/lodash.js') !!}
|
||||
{!! Theme::js('vendor/siofu/client.min.js') !!}
|
||||
@if(App::environment('production'))
|
||||
{!! Theme::js('js/frontend/files/filemanager.min.js?updated-cancel-buttons') !!}
|
||||
{!! Theme::js('js/frontend/files/filemanager.min.js?hash=cd7ec731dc633e23ec36144929a237d18c07d2f0') !!}
|
||||
@else
|
||||
{!! Theme::js('js/frontend/files/src/index.js') !!}
|
||||
{!! Theme::js('js/frontend/files/src/contextmenu.js') !!}
|
||||
|
|