Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
🔒️ Fix an XSS issue in the user/group delete confirmation
Requires admin rights to exploit in any way. With OctoPrint 1.8.0 all cookies with credentials are http-only and thus not targetable (to my knowledge) by this. CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N, Severity Low
- Loading branch information