mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2025-12-03 06:22:28 -05:00
04c96eb2ff
* Fixed filenames not being escaped when editing files This allowed a possible XSS by naming a file in a particular way on your device. * Fixed HTML generation in webserver not escaping most things from req.query This would allow XSS through a very simple phishing attack * Added HtmlEscape to Mobile default as well * Added sanitization to SAML redirect and Twitter/Azure
472 KiB
472 KiB