openstack
/
manila-ui
Code Issues Proposed changes
manila-ui/manila_ui/dashboards/project
History
Valeriy Ponomaryov fca19a1b0d Fix metadata_to_str function code injection vulnerability 
It is possible to inject HTML/JavaScript code into shares table
member page setting metadata to shares and share types table admin page
setting extra specs. So, escape HTML-specific symbols in output
string of 'metadata_to_str' function to make it interpreted
as string and not as code.

Change-Id: Ied567e06d91941e9aaac7d3117e03cd1770fb75e
Security-Fix
Closes-Bug: #1597738
 		2016-09-28 14:53:11 +03:00
..
shares Fix metadata_to_str function code injection vulnerability 2016-09-28 14:53:11 +03:00
__init__.py Upgrade to django 1.7 2015-04-23 17:08:03 -07:00
config.py Clean imports in code 2016-09-15 09:47:57 +07:00