Deal with quill security vulnerability

Description

Github says:

CVE-2021-3163

A vulnerability in the HTML editor of Slab Quill allows an attacker to execute arbitrary JavaScript by storing an XSS payload (a crafted onloadstart attribute of an IMG element) in a text field. No patch exists and no further releases are planned.

Review if we even need quill or check the impact of this vulnerability.

Problem/Justification

None

Impact

None

SmartDraw Connector

Katalon Manual Tests (BETA)

Activity

Show:

Bug Clerk May 12, 2021 at 10:02 AM

12.0 PR: https://github.com/truenas/webui/pull/5436

Bug Clerk May 12, 2021 at 9:57 AM

21.06 PR: https://github.com/truenas/webui/pull/5435

Complete

Details
Assignee
Ievgen Stepanovych
Reporter
Ievgen Stepanovych
Components
Fix versions
SCALE-21.06-BETA.1
12.0-U5
Priority
High

More fields

Katalon Platform

Created May 12, 2021 at 6:46 AM

Updated July 6, 2022 at 9:02 PM

Resolved May 13, 2021 at 11:13 AM

Deal with quill security vulnerability

Description

Problem/Justification

Impact

SmartDraw Connector

Katalon Manual Tests (BETA)

Activity

Bug Clerk May 12, 2021 at 10:02 AM

Bug Clerk May 12, 2021 at 9:57 AM

DetailsAssigneeIevgen StepanovychIevgen StepanovychReporterIevgen StepanovychIevgen StepanovychComponentsFix versionsSCALE-21.06-BETA.112.0-U5PriorityHigh

Details

Assignee

Reporter

Components

Fix versions

Priority

More fieldsTime tracking

More fields

Katalon PlatformLinked Test Cases, Katalon Defect Results, Katalon Studio Test Results

Katalon Platform

Details
Assignee
Ievgen Stepanovych
Reporter
Ievgen Stepanovych
Components
Fix versions
SCALE-21.06-BETA.1
12.0-U5
Priority
High

More fields

Katalon Platform