arno/privatebin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES. https://privatebin.info
161 Commits 5 Branches 9 Tags 10 MiB
Dockerfile 100%
daf5522b1e
Go to file
Sebastien SAUVAGE daf5522b1e Potentiel security bug corrected 
Bug reproduction: 1) paste texte containing html/javascript. 2) send 3)
clic "Raw text"  4) refresh: The html/javascript is interpreted instead
of just displayed.
Under some versions of Chrome, it happens without refreshing.
This bug was corrected.

(cherry picked from commit 4f8750bbddcb137213529875e45e3ace3be9a769)
2015-08-15 22:24:25 +02:00
cfg fixing regressions from cherrypicking 2015-08-15 21:39:08 +02:00
css XSS flaw correction 2015-08-15 22:01:43 +02:00
img
js Potentiel security bug corrected 2015-08-15 22:24:25 +02:00
lib Stronger server salt 2015-08-15 22:18:57 +02:00
tpl fixing regressions from cherrypicking 2015-08-15 21:39:08 +02:00
tst
.gitignore
CHANGELOG.md XSS flaw correction 2015-08-15 22:01:43 +02:00
CREDITS.md
index.php XSS flaw correction 2015-08-15 22:01:43 +02:00
INSTALL.md
README.md XSS flaw correction 2015-08-15 22:01:43 +02:00
robots.txt