Andreas/tracks
1
0
Fork 0
mirror of https://github.com/TracksApp/tracks.git synced 2025-12-16 23:30:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix reflected XSS vulnerability on the stats page

Browse source
This commit is contained in:
Jyri-Petteri Paloposki 2024-07-25 14:53:04 +03:00
parent 0fc66953c0
commit c23ca0574e
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
app/views/stats/show_selection_from_chart.html.erb
View file

@ -4,8 +4,8 @@
unless @further unless @further
-%> -%>
<%= raw t('stats.click_to_show_actions_from_week', <%= raw t('stats.click_to_show_actions_from_week',
:link => link_to("here", show_actions_from_chart_path(:id=>"#{params[:id]}_end", :index => params[:index])), :link => link_to("here", show_actions_from_chart_path(:id=>"#{params[:id].to_i}_end", :index => params[:index].to_i)),
:week => params[:index]) :week => params[:index].to_i)
-%> -%>
<% <%
end end