Sami 52577b11ed Fix 7 frontend security vulnerabilities (4 critical, 3 high) ...

- Escape all innerHTML assignments with user/external data across 12 JS files
- Upgrade credential encryption: per-value IV, key moved to sessionStorage
- Fix open redirect in TOTP auth via proper URL hostname validation
- Remove sensitive DNS topology data from localStorage cache
- Add security regression test suite (51 tests)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-07 01:29:04 -08:00

4.5 KiB

Raw Blame History

View Raw