github
/
consul
mirror of https://github.com/hashicorp/consul
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

[Security] Close cross scripting vulnerability (#21342) 

* close vulnerability

* add changelog
pull/21347/head
sarahalsmiller 5 months ago committed by GitHub
parent
7a19d2e7a4
commit
c18c911ac8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 4 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      .changelog/21342.txt
  2. 2
      agent/kvs_endpoint.go

3
.changelog/21342.txt
Unescape View File

@ -0,0 +1,3 @@
```release-note:security
agent: removed reflected cross-site scripting vulnerability
```

2
agent/kvs_endpoint.go
Unescape View File

@ -293,7 +293,7 @@ func conflictingFlags(resp http.ResponseWriter, req *http.Request, flags ...stri
if _, ok := params[conflict]; ok {
if found {
resp.WriteHeader(http.StatusBadRequest)
fmt.Fprint(resp, "Conflicting flags: "+params.Encode())
fmt.Fprintf(resp, "Conflicting flags: %v\n", params.Encode())
return true
}
found = true

Write Preview
Loading…
Cancel
Save