rick/LEDMatrix
1
0
Fork 0
mirror of https://github.com/ChuckBuilds/LEDMatrix.git synced 2026-04-11 05:13:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
c80c23cd08334a33e1534a1e32b13a490969c873
LEDMatrix/web_interface/templates
History
Chuck c80c23cd08 fix(security): Fix XSS vulnerability in handleCustomFeedLogoUpload 
Replace innerHTML usage with safe DOM manipulation using createElement
and setAttribute to prevent XSS when injecting uploadedFile.path and
uploadedFile.id values.

- Clear logoCell using textContent instead of innerHTML
- Create all DOM elements using document.createElement
- Set uploadedFile.path and uploadedFile.id via setAttribute (automatically escaped)
- Properly structure DOM tree by appending elements in order
- Prevents malicious HTML/script injection through file path or ID values
2026-01-08 12:27:41 -05:00
..
v3
fix(security): Fix XSS vulnerability in handleCustomFeedLogoUpload
2026-01-08 12:27:41 -05:00