This is an automated email from the ASF dual-hosted git repository. wuzhiguo pushed a commit to branch trunk in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/trunk by this push: new e54256d10b AMBARI-25396: cross-site scripting vulnerability on Ambari hosts (#3500) e54256d10b is described below commit e54256d10b9e92aa4a8024c77df5fd70068ab253 Author: Zhiguo Wu <wuzhi...@apache.org> AuthorDate: Tue Nov 15 00:40:25 2022 +0800 AMBARI-25396: cross-site scripting vulnerability on Ambari hosts (#3500) --- ambari-web/app/views/wizard/step2_view.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ambari-web/app/views/wizard/step2_view.js b/ambari-web/app/views/wizard/step2_view.js index 6bbda30625..972c2c9b3c 100644 --- a/ambari-web/app/views/wizard/step2_view.js +++ b/ambari-web/app/views/wizard/step2_view.js @@ -39,8 +39,8 @@ App.SshKeyFileUploader = Em.View.extend({ return function (e) { var fileNameArray = $("#file").val().toString().split("\\"); var selectedFileName = fileNameArray[fileNameArray.length -1]; - $('#selectedFileName').html(selectedFileName); - $('#sshKey').html(e.target.result); + $('#selectedFileName').text(selectedFileName); + $('#sshKey').text(e.target.result); self.get("controller").setSshKey(e.target.result); }; })(file); --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@ambari.apache.org For additional commands, e-mail: commits-h...@ambari.apache.org