Kodiak Fixes: Fixed Open-Redirect, SSRF, Cross-site scripting vulnerabilities #646

Open
wants to merge 5 commits into
base: stage

sivasadobe (Contributor) commented Feb 21, 2025

  • Fixed SSRF vulnerabilities in dev packages.
  • Fixed CSS vulnerabilities by escaping the HTML.
  • Fixed Open redirect vulnerabilities.

Resolves:
CSS vulnerability: MWPW-167298,
SSRF vulnerability: MWPW-164995,
Open Redirect vulnerabilities: MWPW-167835, MWPW-167834, MWPW-167732, MWPW-167733, MWPW-167092, MWPW-167091

Test URLs:

sivasadobe requested a review from a team as a code owner February 21, 2025 11:28

aem-code-sync bot commented Feb 21, 2025

| Page | Scores | Audits | Google |
| --- | --- | --- | --- |
| 📱 /?martech=off | PERFORMANCE A11Y SEO BEST PRACTICES | SI FCP LCP TBT CLS | PSI |
| 🖥️ /?martech=off | PERFORMANCE A11Y SEO BEST PRACTICES | SI FCP LCP TBT CLS | PSI |

@milo-pr-merge-cc

Skipped merging 646: Kodiak Fixes: Fixed SSRF & Cross-site scripting vulnerabilities due to failing checks

sivasadobe changed the title from "Kodiak Fixes: Fixed SSRF & Cross-site scripting vulnerabilities" to "Kodiak Fixes: Fixed Open-Redirect, SSRF, Cross-site scripting vulnerabilities" on Feb 24, 2025
@milo-pr-merge-cc

Skipped merging 646: Kodiak Fixes: Fixed Open-Redirect, SSRF, Cross-site scripting vulnerabilities due to missing verified label. Kindly make sure that the PR has been verified.

