PROJECT-CONTORL

egg/PROJECT-CONTORL

Fork 0

Commit Graph

Author	SHA1	Message	Date
beabigegg	3da0bf5c3a	security: fix XSS vulnerabilities in GanttChart and AuditPage - Add escapeHtml utility function for HTML entity encoding - Apply escapeHtml to GanttChart popup HTML template - Apply escapeHtml to AuditPage PDF export HTML template This prevents potential XSS attacks if task names, user names, or other dynamic content contains malicious HTML/JavaScript. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-13 21:26:06 +08:00

Author

SHA1

Message

Date

beabigegg

3da0bf5c3a

security: fix XSS vulnerabilities in GanttChart and AuditPage

- Add escapeHtml utility function for HTML entity encoding
- Apply escapeHtml to GanttChart popup HTML template
- Apply escapeHtml to AuditPage PDF export HTML template

This prevents potential XSS attacks if task names, user names,
or other dynamic content contains malicious HTML/JavaScript.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-01-13 21:26:06 +08:00

1 Commits