rick/LEDMatrix
1
0
Fork 0
mirror of https://github.com/ChuckBuilds/LEDMatrix.git synced 2026-04-11 05:13:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
c80c23cd08334a33e1534a1e32b13a490969c873
LEDMatrix/web_interface/templates/v3
History
Chuck c80c23cd08 fix(security): Fix XSS vulnerability in handleCustomFeedLogoUpload 
Replace innerHTML usage with safe DOM manipulation using createElement
and setAttribute to prevent XSS when injecting uploadedFile.path and
uploadedFile.id values.

- Clear logoCell using textContent instead of innerHTML
- Create all DOM elements using document.createElement
- Set uploadedFile.path and uploadedFile.id via setAttribute (automatically escaped)
- Properly structure DOM tree by appending elements in order
- Prevents malicious HTML/script injection through file path or ID values
2026-01-08 12:27:41 -05:00
..
partials
feat(web): Add checkbox-group widget support for plugin config arrays
2026-01-06 17:51:26 -05:00
base.html
fix(security): Fix XSS vulnerability in handleCustomFeedLogoUpload
2026-01-08 12:27:41 -05:00
index.html
Plugins (#145)
2025-12-27 14:15:49 -05:00