Skip to content

Commit

Permalink
Backport of [Security] Close cross scripting vulnerability into relea…
Browse files Browse the repository at this point in the history 
…se/1.19.x (#21346)

* backport of commit c8cb334

* backport of commit 262efd8

---------

Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com>
  • Loading branch information
@hc-github-team-consul-core @sarahalsmiller
hc-github-team-consul-core and sarahalsmiller authored Jun 17, 2024
1 parent 09538e6 commit a1ee7cb
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 1 deletion.
3 changes: 3 additions & 0 deletions .changelog/21342.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:security
agent: removed reflected cross-site scripting vulnerability
```
2 changes: 1 addition & 1 deletion agent/kvs_endpoint.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -293,7 +293,7 @@ func conflictingFlags(resp http.ResponseWriter, req *http.Request, flags ...stri
if _, ok := params[conflict]; ok {
if found {
resp.WriteHeader(http.StatusBadRequest)
fmt.Fprint(resp, "Conflicting flags: "+params.Encode())
fmt.Fprintf(resp, "Conflicting flags: %v\n", params.Encode())
return true
}
found = true
Expand Down

0 comments on commit a1ee7cb

Please sign in to comment.