You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by "Alex Guziel (JIRA)" <ji...@apache.org> on 2017/03/27 22:59:41 UTC

[jira] [Created] (AIRFLOW-1047) Airflow logs vulnerable to XSS

Alex Guziel created AIRFLOW-1047:
------------------------------------

             Summary: Airflow logs vulnerable to XSS
                 Key: AIRFLOW-1047
                 URL: https://issues.apache.org/jira/browse/AIRFLOW-1047
             Project: Apache Airflow
          Issue Type: Bug
            Reporter: Alex Guziel
            Assignee: Alex Guziel


Navigating to a page with dag_id param specified as a html tag leads to that tag being rendered due to using Markup tag (which makes html be labeled as safe)



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)