vh/NetAlertX
1
0
Fork 0
mirror of https://github.com/jokob-sk/NetAlertX.git synced 2026-04-02 16:22:20 -07:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge pull request #1582 from navnitan-7/fix/cve-2015-9251-jquery-ajax
Some checks are pending
✅ Code checks / check-url-paths (push) Waiting to run
Details
✅ Code checks / lint (push) Waiting to run
Details
✅ Code checks / docker-tests (push) Waiting to run
Details
🐳 👩‍💻 docker dev / docker_dev (push) Waiting to run
Details
📘 Deploy MkDocs / deploy (push) Waiting to run
Details

Browse Source 
Potential Vulnerability in Cloned Code
This commit is contained in:
Jokob @NetAlertX
2026-04-02 07:42:51 +11:00
committed by GitHub
parent d17256cff6 8b80a6d59c
commit 4c7ea21bd8
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
front/lib/datatables/datatables.js
View File

@@ -9059,6 +9059,11 @@ function ajaxConvert( s, response, jqXHR, isSuccess ) {
// Convert response if prev dataType is non-auto and differs from current
} else if ( prev !== "*" && prev !== current ) {
// Mitigate possible XSS vulnerability (gh-2432)
if ( s.crossDomain && current === "script" ) {
continue;
}
// Seek a direct converter
conv = converters[ prev + " " + current ] || converters[ "* " + current ];