You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: MyApp/_pages/releases/v8_09.md
+3-2Lines changed: 3 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -3141,7 +3141,8 @@ customizations see the [API Explorer Docs](https://docs.servicestack.net/api-exp
3141
3141
3142
3142
## XSS Vulnerability fixed in HtmlFormat.html
3143
3143
3144
-
Late in this release cycle a Customer has reported a DOM XSS vulnerability in ServiceStack's built-in HtmlFormat.html page which has been fixed in [this commit](https://github.com/ServiceStack/ServiceStack/commit/76df4609410f7b440c3fb153371a1d29b9c06ac0) and available from this ServiceStack v8.9+ release.
3144
+
Late in this release cycle a Customer has reported a DOM XSS vulnerability in ServiceStack's built-in
3145
+
[Auto HTML API](/auto-html-api) page that has been fixed in [this commit](https://github.com/ServiceStack/ServiceStack/commit/76df4609410f7b440c3fb153371a1d29b9c06ac0) and available from this ServiceStack v8.9+ release.
3145
3146
3146
3147
Alternatively it can also be prevented by rejecting requests with `"` in its path:
3147
3148
@@ -3166,4 +3167,4 @@ SetConfig(new HostConfig {
3166
3167
})
3167
3168
```
3168
3169
3169
-
To improve visibility of future security issues we've created a [Security Vulnerabilities Watchlist](https://github.com/ServiceStack/Discuss/discussions/150), please follow this thread to get notified of any updates.
3170
+
To improve visibility of future security issues we've also created a [Security Vulnerabilities Watchlist](https://github.com/ServiceStack/Discuss/discussions/150), please follow this thread to get notified of any updates.
0 commit comments