kantinen-wrapper

kaufi/kantinen-wrapper

Fork 0

Commit Graph

Author	SHA1	Message	Date
google-labs-jules[bot]	a2b2ec227f	security: escape dynamic content in innerHTML to prevent XSS This commit addresses several XSS vulnerabilities by ensuring that dynamic data from external APIs (GitHub) and error messages are properly escaped before being rendered via innerHTML. Affected areas: - openVersionMenu error handling and version list - showErrorModal title and button text - showToast message content All changes were verified with a reproduction test case. Co-authored-by: TauNeutrino <1600410+TauNeutrino@users.noreply.github.com>	2026-03-10 12:37:54 +00:00

Author

SHA1

Message

Date

google-labs-jules[bot]

a2b2ec227f

security: escape dynamic content in innerHTML to prevent XSS

This commit addresses several XSS vulnerabilities by ensuring that
dynamic data from external APIs (GitHub) and error messages are
properly escaped before being rendered via innerHTML.

Affected areas:
- openVersionMenu error handling and version list
- showErrorModal title and button text
- showToast message content

All changes were verified with a reproduction test case.

Co-authored-by: TauNeutrino <1600410+TauNeutrino@users.noreply.github.com>

2026-03-10 12:37:54 +00:00

1 Commits