From db8eb0e679b0fd8fd376bb142aa088a9db358d56 Mon Sep 17 00:00:00 2001
From: JisanAR03
Date: Sat, 4 Nov 2023 02:38:55 +0600
Subject: [PATCH 1/2] fix security issue #1552
---
 website/views.py | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/website/views.py b/website/views.py
index abe6f8e0a..b5219a377 100644
--- a/website/views.py
+++ b/website/views.py
@@ -1989,7 +1989,10 @@ def get_score(request):
 def comment_on_issue(request, issue_pk):
-
+ try:
+ issue_pk = int(issue_pk)
+ except ValueError:
+ raise Http404("Issue does not exist")
 issue = Issue.objects.filter(pk=issue_pk).first()
 if request.method == "POST" and isinstance(request.user,User):
@@ -2008,10 +2011,7 @@ def comment_on_issue(request, issue_pk):
 if parent_comment == None:
 messages.error(request,"Parent comment doesn't exist.")
- if isinstance(issue_pk, int): # Check if issue_pk is an integer
- return redirect(f"/issue2/{issue_pk}")
- else:
- raise Http404("Issue does not exist")
+ return redirect(f"/issue2/{issue_pk}")
 Comment.objects.create(
 parent = parent_comment,
From 2b9cb44af7bd10b0ad4a3a763ab5c1f12a713972 Mon Sep 17 00:00:00 2001
From: JisanAR03
Date: Sat, 4 Nov 2023 01:39:43 +0600
Subject: [PATCH 2/2] fix security issue OWASP#1346
---
 website/static/vendor/bootstrap/js/bootstrap.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/website/static/vendor/bootstrap/js/bootstrap.js b/website/static/vendor/bootstrap/js/bootstrap.js
index c44d6a144..fb19f36e6 100644
--- a/website/static/vendor/bootstrap/js/bootstrap.js
+++ b/website/static/vendor/bootstrap/js/bootstrap.js
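Review bot: `int(issue_pk)` on the new line accepts more than a bare run of digits — surrounding whitespace, a leading sign and `_` digit separators all parse — so a negative or otherwise odd value still reaches `Issue.objects.filter(pk=issue_pk).first()` and simply yields `None`; the lines after the filter are outside the hunk, so I cannot see whether a missing issue is rejected before the POST branch runs. If it is not, `if issue is None: raise Http404("Issue does not exist")` directly after the filter closes that gap. The more idiomatic Django place for this constraint is the URLconf (an `<int:issue_pk>` path converter), which answers non-integer paths with a 404 before the view is entered and keeps the view free of parsing. With `issue_pk` now an `int`, the f-string in `redirect(f"/issue2/{issue_pk}")` in the second hunk can only carry digits and at most a minus sign, which is presumably the point of the fix; `comment_on_issue` continues past both hunks.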
@@ -1481,7 +1481,7 @@ function sanitizeInput(input) {
 .addClass(placement)
 .data('bs.' + this.type, this)
- this.options.container ? $tip.appendTo(this.options.container) : $tip.insertAfter(this.$element)
+ this.options.container ? $tip.appendTo(sanitizeSelector(this.options.container)) : $tip.insertAfter(this.$element)
 this.$element.trigger('inserted.bs.' + this.type)
 var pos = this.getPosition()
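Review bot: `sanitizeSelector` is called on the new line but nothing in this patch defines it, and the hunk's enclosing-context function is `sanitizeInput(input)` — if no `sanitizeSelector` exists in the file, every tooltip or popover configured with a `container` option now throws a ReferenceError rather than being sanitized, so please confirm the helper exists (or that `sanitizeInput` was intended) and what it returns for a container that is a DOM element rather than a selector string, since `appendTo` accepts both. This is a hand edit inside a vendored library (`website/static/vendor/bootstrap/js/bootstrap.js`) and will be silently lost on the next vendor refresh; the durable fix is to upgrade the vendored copy to an upstream release that ships the selector hardening, and if the local change must stay, mark it with a comment such as `// LOCAL PATCH (OWASP#1346): container selector is sanitized before appendTo` so the next upgrade does not drop it unnoticed. The enclosing function starts and ends outside the hunk.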