CVE-2021-43515: version 1.14.1 (#2532) · kevinpapst/kimai2@dad1b8b

A CSV Injection vulnerability exists in Kimai Kimai 2 > 1.14 via a description in a new timesheet.


@@ -0,0 +1,262 @@ /*! * Bootstrap v3.4.1 (https://getbootstrap.com/) * Copyright 2011-2019 Twitter, Inc. * Licensed under the MIT license */
/*! * JavaScript Cookie v2.2.1 * https://github.com/js-cookie/js-cookie * * Copyright 2006, 2015 Klaus Hartl & Fagner Brack * Released under the MIT license */
/*! * Sizzle CSS Selector Engine v2.3.5 * https://sizzlejs.com/ * * Copyright JS Foundation and other contributors * Released under the MIT license * https://js.foundation/ * * Date: 2020-03-14 */
/*! * [KIMAI] KimaiAPI: easy access to API methods */
/*! * [KIMAI] KimaiActiveRecords: responsible to display the users active records */
/*! * [KIMAI] KimaiActiveRecordsDuration: activate the updates for all active timesheet records on this page */
/*! * [KIMAI] KimaiAjaxModalForm * * allows to assign the given selector to any element, which then is used as click-handler: * opening a modal with the content from the URL given in the elements ‘data-href’ or ‘href’ attribute */
/*! * [KIMAI] KimaiAlert: notifications for Kimai */
/*! * [KIMAI] KimaiAlternativeLinks * * allows to assign the given selector to any element, which then is used as click-handler * redirecting to the URL given in the elements ‘data-href’ or ‘href’ attribute */
/*! * [KIMAI] KimaiConfiguration: handling all configuration and runtime settings */
/*! * [KIMAI] KimaiContainer * * ServiceContainer for Kimai */
/*! * [KIMAI] KimaiCookies: simple wrapper to handle cookies */
/*! * [KIMAI] KimaiDatatable: handles functionality for the datatable */
/*! * [KIMAI] KimaiDatatableColumnView: manages the visibility of data-table columns in cookies */
/*! * [KIMAI] KimaiDatePicker: single date selects (currently unused) */
/*! * [KIMAI] KimaiDateRangePicker: activate the (daterange picker) compound field in toolbar */
/*! * [KIMAI] KimaiDateTimePicker: activate the (datetime picker) field in timesheet edit dialog */
/*! * [KIMAI] KimaiDateUtils: responsible for handling date specific tasks */
/*! * [KIMAI] KimaiEvent: helper to trigger events */
/*! * [KIMAI] KimaiForm: basic functions for all forms */
/*! * [KIMAI] KimaiFormSelect: enhanced functionality for HTML select’s */
/*! * [KIMAI] KimaiLoader: bootstrap the application and all plugins */
/*! * [KIMAI] KimaiMultiUpdateForm: handle the multi update checkbox list and form */
/*! * [KIMAI] KimaiPaginatedBoxWidget: handles box widgets that have a pagination */
/*! * [KIMAI] KimaiPlugin: base class for all plugins */
/*! * [KIMAI] KimaiRecentActivities: responsible to reload the users recent activities */
/*! * [KIMAI] KimaiReducedClickHandler: abstract class */
/*! * [KIMAI] KimaiReloadPageWidget: a simple helper to reload the page on events */
/*! * [KIMAI] KimaiSelectDataAPI: <select> boxes with dynamic data from API */
/*! * [KIMAI] KimaiThemeInitializer: initialize theme functionality */
/*! * [KIMAI] KimaiToolbar: some event listener to handle the toolbar/data-table filter, toolbar and navigation */
/*! * [KIMAI] KimaiTranslation: handling translation strings */
/*! * [KIMAI] Wrapper class for loading Kimai app in browser script scope */
/*! * jQuery JavaScript Library v3.5.1 * https://jquery.com/ * * Includes Sizzle.js * https://sizzlejs.com/ * * Copyright JS Foundation and other contributors * Released under the MIT license * https://jquery.org/license * * Date: 2020-05-04T22:49Z */
/*! * jQuery UI Autocomplete 1.12.1 * http://jqueryui.com * * Copyright jQuery Foundation and other contributors * Released under the MIT license. * http://jquery.org/license */
/*! * jQuery UI Keycode 1.12.1 * http://jqueryui.com * * Copyright jQuery Foundation and other contributors * Released under the MIT license. * http://jquery.org/license */
/*! * jQuery UI Menu 1.12.1 * http://jqueryui.com * * Copyright jQuery Foundation and other contributors * Released under the MIT license. * http://jquery.org/license */
/*! * jQuery UI Position 1.12.1 * http://jqueryui.com * * Copyright jQuery Foundation and other contributors * Released under the MIT license. * http://jquery.org/license * * http://api.jqueryui.com/position/ */
/*! * jQuery UI Unique ID 1.12.1 * http://jqueryui.com * * Copyright jQuery Foundation and other contributors * Released under the MIT license. * http://jquery.org/license */
/*! * jQuery UI Widget 1.12.1 * http://jqueryui.com * * Copyright jQuery Foundation and other contributors * Released under the MIT license. * http://jquery.org/license */
/*! AdminLTE app.js * ================ * Main JS application file for AdminLTE v2. This file * should be included in all pages. It controls some layout * options and implements exclusive AdminLTE plugins. * * @author Colorlib * @support https://github.com/ColorlibHQ/AdminLTE/issues * @version v2.4.18 * @repository git://github.com/ColorlibHQ/AdminLTE.git * @license MIT http://opensource.org/licenses/MIT */
/*! Copyright © 2011 Piotr Rochala (http://rocha.la) * Dual licensed under the MIT (http://www.opensource.org/licenses/mit-license.php) * and GPL (http://www.opensource.org/licenses/gpl-license.php) licenses. * * Version: 1.3.8 * */
/*! Select2 4.0.13 | https://github.com/select2/select2/blob/master/LICENSE.md */
/** * @license almond 0.3.3 Copyright jQuery Foundation and other contributors. * Released under MIT license, http://github.com/requirejs/almond/LICENSE */
/** * @version: 3.1 * @author: Dan Grossman http://www.dangrossman.info/ * @copyright: Copyright © 2012-2019 Dan Grossman. All rights reserved. * @license: Licensed under the MIT license. See http://www.opensource.org/licenses/mit-license.php * @website: http://www.daterangepicker.com/ */
//! moment.js
//! moment.js locale configuration
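
Review bot: nothing in these 262 added lines touches CSV export or the timesheet description field, so the CSV injection fix named in the headline cannot be checked from this hunk. The new file (`@@ -0,0 +1,262 @@`) consists only of `/*! ... */` license banners for bundled front-end libraries (Bootstrap v3.4.1, jQuery v3.5.1, Select2 4.0.13, moment.js and others) and the `[KIMAI]` plugin headers, which reads like generated build output. I would ask for the change to the export code that writes the description value to be shown alongside this, and for generated license listings like this one to go in a separate commit from the security fix so the fix is easy to audit and backport.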
