From 1ab65887cacd9fbeabb11d02533df0d1fb78b6ab Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 17 Mar 2026 22:21:23 +0000
Subject: [PATCH 1/2] Initial plan


From f4d931872957b7205e051ebf5858c6f3c20de005 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 17 Mar 2026 22:29:11 +0000
Subject: [PATCH 2/2] Fix XSS vulnerability in Absolute Time Range date/time
 field validation tooltips

Co-authored-by: deniszh <1227222+deniszh@users.noreply.github.com>
---
 webapp/content/js/dashboard.js | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/webapp/content/js/dashboard.js b/webapp/content/js/dashboard.js
index e6ced3bcc..0d4fa0c18 100644
--- a/webapp/content/js/dashboard.js
+++ b/webapp/content/js/dashboard.js
@@ -1326,7 +1326,8 @@ function selectAbsoluteTime() {
   var startDateField = new Ext.form.DateField({
     fieldLabel: 'Start Date',
     width: 125,
-    value: TimeRange.startDate || ''
+    value: TimeRange.startDate || '',
+    invalidText: 'Not a valid date'
   });
 
   var startTimeField = new Ext.form.TimeField({
@@ -1334,13 +1335,15 @@ function selectAbsoluteTime() {
     width: 125,
     allowBlank: false,
     increment: 30,
-    value: TimeRange.startTime || ''
+    value: TimeRange.startTime || '',
+    invalidText: 'Not a valid time'
   });
 
   var endDateField = new Ext.form.DateField({
     fieldLabel: 'End Date',
     width: 125,
-    value: TimeRange.endDate || ''
+    value: TimeRange.endDate || '',
+    invalidText: 'Not a valid date'
   });
 
   var endTimeField = new Ext.form.TimeField({
@@ -1348,7 +1351,8 @@ function selectAbsoluteTime() {
     width: 125,
     allowBlank: false,
     increment: 30,
-    value: TimeRange.endTime || ''
+    value: TimeRange.endTime || '',
+    invalidText: 'Not a valid time'
   });
 
   var win;