Update admin interface #1053

New Issue

Closed

opened 2026-04-06 01:34:11 +02:00 by MrUnknownDE · 0 comments

MrUnknownDE commented 2026-04-06 01:34:11 +02:00

Owner

Copy Link

Originally created by @BlackDex on 7/11/2024

• Updated datatables
• Set Cookie Secure flag if the connection is https
• Prevent possible XSS via Organization Name
  Converted all innerHTML and innerText to the Safe Sink version textContent
• Removed jsesc function as handlebars escapes all these chars already and more by default

Fixes: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39926

*Originally created by @BlackDex on 7/11/2024* - Updated datatables - Set Cookie Secure flag if the connection is https - Prevent possible XSS via Organization Name Converted all `innerHTML` and `innerText` to the Safe Sink version `textContent` - Removed `jsesc` function as handlebars escapes all these chars already and more by default Fixes: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39926

MrUnknownDE closed this issue 2026-04-06 01:34:11 +02:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

cached-config-operations

test_dylint

1.35.4

1.35.3

1.35.2

1.35.1

1.35.0

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels

SSO

SSO

SSO

SSO

SSO

SSO

SSO

SSO

SSO

SSO

SSO

SSO

SSO

SSO

SSO

SSO

SSO

SSO

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

Third party

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

better for forum

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

documentation

documentation

documentation

documentation

documentation

documentation

documentation

documentation

documentation

documentation

documentation

documentation

documentation

documentation

documentation

documentation

duplicate

duplicate

duplicate

duplicate

duplicate

duplicate

duplicate

duplicate

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

future Vault

future Vault

future Vault

future Vault

future Vault

future Vault

future Vault

future Vault

future Vault

future Vault

future Vault

future Vault

future Vault

future Vault

future Vault

future Vault

future Vault

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

hacktoberfest-accepted

hacktoberfest-accepted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

low priority

notes

notes

notes

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

question

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

troubleshooting

wontfix

wontfix

wontfix

wontfix

wontfix

wontfix

wontfix

wontfix

wontfix

wontfix

wontfix

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

MrUnknownDE

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github/vaultwarden#1053