grafana/010-CVE-2020-13430.patch
Andreas Gerstmayr 077561a443 fix CVE-2020-13430
Resolves: #1850427
Fixes: CVE-2020-13430
2020-08-19 17:21:49 +02:00


diff --git a/public/app/plugins/datasource/opentsdb/query_ctrl.ts b/public/app/plugins/datasource/opentsdb/query_ctrl.ts
index 8569de2eb0..cbb1790625 100644
--- a/public/app/plugins/datasource/opentsdb/query_ctrl.ts
+++ b/public/app/plugins/datasource/opentsdb/query_ctrl.ts
@@ -2,6 +2,7 @@ import _ from 'lodash';
import kbn from 'app/core/utils/kbn';
import { QueryCtrl } from 'app/plugins/sdk';
import { auto } from 'angular';
+import { escapeHtml } from 'app/core/utils/text';
export class OpenTsQueryCtrl extends QueryCtrl {
static templateUrl = 'partials/query.editor.html';
@@ -90,7 +91,7 @@ export class OpenTsQueryCtrl extends QueryCtrl {
getTextValues(metricFindResult: any) {
return _.map(metricFindResult, value => {
- return value.text;
+ return escapeHtml(value.text);
});
}
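Review bot: In `getTextValues` the escaping is applied where the suggestion values are produced rather than where they are rendered, so every caller of this method now receives HTML-encoded text. The callers are outside this hunk, so it is not visible whether a selected suggestion is written back into the query target; if it is, a metric or tag name containing `&`, `<` or a quote would be stored and sent to the datasource in its encoded form. It would help to confirm that these values are display-only, or to escape at the rendering sink instead. The line also carries no explanation, so a comment such as `// datasource-controlled names are rendered as HTML by the typeahead; escape them (CVE-2020-13430)` would keep a later refactor from dropping the call. A unit test that passes a `value.text` containing markup characters and asserts the encoded result would pin the fix.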