From 22fc9617b053a935305b802151fa0a4e3d3ee444 Mon Sep 17 00:00:00 2001
From: Shirish Upadhyay
Date: Sun, 15 May 2022 01:42:31 +0530
Subject: [PATCH 1/2] Fix xss in import target

---
 web/targetApp/templates/target/add.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/targetApp/templates/target/add.html b/web/targetApp/templates/target/add.html
index edd6f97d1..5bff02356 100644
--- a/web/targetApp/templates/target/add.html
+++ b/web/targetApp/templates/target/add.html
@@ -325,7 +325,7 @@
 });
 function showname (file, id) {
- $(id).html('Selected file: ' + file.files.item(0).name);
+ $(id).html('Selected file: ' + htmlEncode(file.files.item(0).name));
 };
 function show_whois(){

From 213bcee4b6e2243240cbcaba2338e3fa8ab551ed Mon Sep 17 00:00:00 2001
From: Shirish Upadhyay
Date: Sun, 15 May 2022 01:45:24 +0530
Subject: [PATCH 2/2] Updated Security

---
 .github/SECURITY.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/SECURITY.md b/.github/SECURITY.md
index 0c970a9a9..7e0dd6639 100644
--- a/.github/SECURITY.md
+++ b/.github/SECURITY.md
@@ -7,7 +7,7 @@ Thank you for your interest in reporting vulnerabilities to reNgine! If you are
 **Please do not disclose any vulnerabilities via Github Issues/Blogs/Tweets after/before reporting on huntr.dev as it is explicitly against huntr.dev and reNgine disclosure policy and will not be eligible for monetary rewards.**
-Please note that the maintainer of reNgine does not determine the bounty amount.
+Please note that the maintainer of reNgine does not determine the bounty amount. The bounty reward is determined by industry-first equation from huntr.dev to understand the popularity, impact and value of repositories to the open source community.
 **What do we expect from security researchers?**
@@ -32,6 +32,8 @@ Please find the [FAQ](https://www.huntr.dev/faq) and [Responsible disclosure pol
 * Several Instances of XSS in reNgine 1.0 (#460, #459, #458, #457, #456, #455), Reported by [Binit Ghimire](https://github.com/TheBinitGhimire)
+* [Stored XSS](https://huntr.dev/bounties/dfd440ba-4330-413c-8b21-a3d8bf02a67e/) on Import Targets via filename, Reported by [Veeshraj Ghimire](https://github.com/V35HR4J)
+
 **reNgine thanks the following people for making a responsible disclosure and helping the community make reNgine safer!**
 * [onemishra](https://github.com/omemishra)
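Review bot: The new line in showname still writes the user-controlled filename through `.html()` and relies on a `htmlEncode` helper that is not defined anywhere in this hunk, so the fix is only as complete as that helper's escaping of `<`, `>`, `&`, `"` and `'`. Writing the label as text content removes the encoder from the trust boundary altogether: `$(id).text('Selected file: ' + file.files.item(0).name);`. If htmlEncode is kept, it would be worth confirming in the same template that it exists in this script's scope and covers the quote characters, since an attribute-context bypass is the usual gap in hand-rolled encoders. Separately, `file.files.item(0)` is null when the input is cleared, so a guard such as `if (!file.files.length) return;` at the top of the function would avoid a TypeError on that path.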