Skip to content
This repository has been archived by the owner on Mar 12, 2024. It is now read-only.

User input is not verified #49

Closed
dvasunin opened this issue May 12, 2023 · 0 comments · Fixed by #51
Closed

User input is not verified #49

dvasunin opened this issue May 12, 2023 · 0 comments · Fixed by #51
Labels
bug Something isn't working

Comments

@dvasunin
Copy link
Contributor

dvasunin commented May 12, 2023
edited
Loading

Description

attribute names and values can contain malicious symbols. Possible XSS

Impact

Client database may get corrupted

Proposed solution

check user input against a pattern before allowing to create/change an attribute
@dvasunin dvasunin added the documentation Improvements or additions to documentation label May 12, 2023
@SebastianBezold SebastianBezold added bug Something isn't working and removed documentation Improvements or additions to documentation labels May 12, 2023
dvasunin added a commit to catenax-ng/tx-daps-registration-service that referenced this issue May 12, 2023
@dvasunin
fix eclipse-tractusx#49 Validate attributes
9eb06d9
@dvasunin dvasunin mentioned this issue May 12, 2023
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Validate attributes catenax-ng/tx-daps-registration-service
2 participants
@dvasunin @SebastianBezold