sbp commented on issue #554:
URL:
https://github.com/apache/tooling-trusted-releases/issues/554#issuecomment-3800309217
@Abhishekmishra2808 I tested the `checklist_content` function by changing the value of `{{COMMITTEE}}` to be a constant `'<script>console.log("ERROR: susceptible to XSS");</script>'`. The only path that I could find for any substitution becoming HTML ended up at `/checklist/<project>/<version>`. The constant `<script>` element was rendered on that page as `<!-- raw HTML omitted -->`. I did not test any other value, but your taint analysis as stated is inaccurate, and therefore I am closing your PR. If you submit a new PR for this issue, please ensure that it is accompanied by accurate and comprehensive taint analysis.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
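The check described in the comment above (substitute a known marker value into a template placeholder, then look at whether it reaches the rendered output as live markup) can be turned into a repeatable regression test. The block below is an added example and is not code from the tooling-trusted-releases project; the template text, the `render_unsafe` and `render_escaped` functions and the regex-based placeholder syntax are all constructed for illustration, and the probe string is the same one the comment used. It puts a naive substitution beside an HTML-escaping one and reports, for each, whether the `<script>` element survives.

```python
import html
import re

# Constructed template: a small markdown-style checklist with a {{COMMITTEE}} placeholder.
TEMPLATE = "## Release checklist for {{COMMITTEE}}\n\n- [ ] Verify signatures\n- [ ] Check LICENSE"

# Constructed probe value: the same marker used in the comment above. It only logs to the
# console, so if it ever executes it is immediately visible, without doing anything else.
PROBE = '<script>console.log("ERROR: susceptible to XSS");</script>'

# Hypothetical placeholder syntax: {{UPPER_CASE_NAME}}.
PLACEHOLDER_RE = re.compile(r"\{\{([A-Z_]+)\}\}")


def render_unsafe(template: str, values: dict[str, str]) -> str:
    """Plain substitution: whatever is in `values` is copied into the output verbatim."""
    return PLACEHOLDER_RE.sub(lambda m: values[m.group(1)], template)


def render_escaped(template: str, values: dict[str, str]) -> str:
    """Substitution that HTML-escapes each value before it is inserted."""
    return PLACEHOLDER_RE.sub(lambda m: html.escape(values[m.group(1)], quote=True), template)


def contains_script_element(rendered: str) -> bool:
    """Detection step: does an opening <script ...> tag survive in the rendered text?"""
    return re.search(r"<\s*script\b", rendered, re.IGNORECASE) is not None


def probe_substitution(render) -> bool:
    """Regression check: feed the probe through `render` and report True if it survived
    as live markup (i.e. the renderer is susceptible), False if it was neutralised."""
    out = render(TEMPLATE, {"COMMITTEE": PROBE})
    return contains_script_element(out)


if __name__ == "__main__":
    print("unsafe renderer leaks <script>:  ", probe_substitution(render_unsafe))
    print("escaped renderer leaks <script>: ", probe_substitution(render_escaped))
```

The detection regex is deliberately narrow: it only answers the question the comment asked (does the constant `<script>` element reach the output as a tag?). A broader check would run the rendered text through the same markdown-to-HTML pipeline the page uses, since, as the comment notes, that layer may itself drop raw HTML and is part of what decides whether a substitution ever becomes markup.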