status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

[Security] Close cross scripting vulnerability (#21342) 

* close vulnerability

* add changelog
This commit is contained in:
sarahalsmiller 2024-06-17 12:54:37 -05:00 committed by GitHub
parent 7a19d2e7a4
commit c18c911ac8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.changelog/21342.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:security
agent: removed reflected cross-site scripting vulnerability
```

2
agent/kvs_endpoint.go
View File

@ -293,7 +293,7 @@ func conflictingFlags(resp http.ResponseWriter, req *http.Request, flags ...stri
if _, ok := params[conflict]; ok { if _, ok := params[conflict]; ok {
if found { if found {
resp.WriteHeader(http.StatusBadRequest) resp.WriteHeader(http.StatusBadRequest)
fmt.Fprint(resp, "Conflicting flags: "+params.Encode()) fmt.Fprintf(resp, "Conflicting flags: %v\n", params.Encode())
return true return true
} }
found = true found = true