Skip to content

Commit

Permalink
update discovery page, blog post preview layout
Browse files Browse the repository at this point in the history
  • Loading branch information
@tcbutler320
tcbutler320 committed Sep 10, 2021
1 parent a6f7b7b commit 953d1a6
Show file tree
Hide file tree
Showing 10 changed files with 411 additions and 77 deletions.
6 changes: 2 additions & 4 deletions _data/navigation.yml
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
primary:
- text: About
links:
- text: About Us
- text: About
href: /about
- text: The Team
href: /team
Expand All @@ -17,11 +17,9 @@ primary:
href: /advisories
- text: Proof of Concept Exploits
href: /exploits
- text: Responsible Disclosures
href: /disclosure
- text: Connect
links:
- text: Contact Us
- text: Contact
href: /contact
- text: The Team
href: /team
Expand Down
165 changes: 165 additions & 0 deletions _layouts/discovery.html
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,165 @@
---
main: foo, bar, qaz
---

<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: 'en-US' }}">
<head>
{% include meta.html %}
{% include styles.html %}
{% if site.google_analytics_ua or site.dap_agency %}
{% include analytics.html %}
{% endif %}
</head>
<body class="{{ layout.class }} {{ page.class }} {% if site.site_width %}site-{{ site.site_width }}{% endif %}">
{% include skipnav.html %}
{% include header.html %}

{% assign hero = page.hero %}
{% include components/hero.html %}

{% if page.tagline and page.intro %}
<section class="grid-container usa-section">
<div class="grid-row grid-gap">
<div class="tablet:grid-col-4">
<h2 class="font-heading-xl margin-top-0 tablet:margin-bottom-0">{{ page.tagline }}</h2>
</div>
<div class="tablet:grid-col-8 usa-prose">
{{ page.intro | markdownify }}
</div>
</div>
</section>
{% endif %}

<section class="grid-container usa-section">
<div class="grid-row grid-gap">
<div class="tablet:grid-col-4">
<h2 class="font-heading-xl margin-top-0 tablet:margin-bottom-0">Latest Publications</h2>
</div>
<div class="tablet:grid-col-8 usa-prose">
{% for post in site.posts %}
{% if post.img %}
<div class="hov">
<a href="{{post.url}}">
<img src="{{post.img}}" class="card-img-top rounded" alt="{{post.title}}">
<div class="card-body">
<h5 class="card-title"><a href="{{post.url}}" style="color:black;text-decoration: none;"><b>{{ post.title }}</b></a>
</h5>
<p class="card-text"><span class="badge bg-fun" style="background-color:#162e51;">Research</span> {{post.lead}}</p>
<p class="card-text"><small class="text-muted">Published {{post.date | date: "%b %d, %Y"}}</small></p>
</div>
</a>
</div>
<br>
{% else %}
<div class="hov">
<div class="card mb-3 border-0" style="width:100%;">
<div class="row g-0">
<div class="col-md-4">
<img src="/assets/img/obsrva-sm.png" class="img-fluid rounded-start" alt="...">
</div>
<div class="col-md-8">
<div class="card-body">
<h5 class="card-title"><a href="{{post.url}}" style="color:black;text-decoration: none;"><b>{{ post.title }}</b></a>
</h5>
<p class="card-text"><span class="badge bg-fun" style="background-color:#162e51;">POC</span> {{post.lead}}</p>
</div>
</div>
</div>
</div>
</div>
<br>
{% endif %}
{% endfor %}
</div>
</div>
</section>
<section class="grid-container usa-section">
<div class="grid-row grid-gap">
<div class="tablet:grid-col-4">
<h2 class="font-heading-xl margin-top-0 tablet:margin-bottom-0">All Advisories</h2>
</div>
<div class="tablet:grid-col-8 usa-prose">
<!-- Start of Advisory Group -->
<div class="accordion" id="accordionExample">
<div class="accordion-item">
<h2 class="accordion-header" id="headingOne">
<button class="accordion-button" type="button" data-bs-toggle="collapse" data-bs-target="#collapseOne" aria-expanded="true" aria-controls="collapseOne">
<strong>[CVE-2021-3441] &nbsp</strong> HP Officejet - ‘AirPrint’ Cross Site Scripting (XSS)
</button>
</h2>
<div id="collapseOne" class="accordion-collapse collapse show" aria-labelledby="headingOne" data-bs-parent="#accordionExample">
<div class="accordion-body">
<br>
<p><strong>Overview:</strong> Stored cross-site scripting (XSS) in the embedded webserver of certain HP OfficeJet Printers—including the 4630 e-All-in-One Printer and 7110 Wide Format ePrinter— enables remote unauthenticated attackers to introduce arbitrary JavaScript via the <code>printer name</code> and <code>printer location</code> fields.</p>
<p> <strong>Credit: </strong> Tyler Butler</p>
<p> <strong>Disclosure Date: </strong>2021-08-22</p>
<p><strong> Advisory Link: </strong> <a href="/2021/08/22/CVE-2021-3441.html">CVE-2021-3441</a></p>
</div>
</div>
</div>
<div class="accordion-item">
<h2 class="accordion-header" id="headingTwo">
<button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#collapseTwo" aria-expanded="false" aria-controls="collapseTwo">
<strong>[CVE-2021-35956] &nbsp</strong> AKCP sensorProbe - 'Multiple' Cross Site Scripting (XSS)
</button>
</h2>
<div id="collapseTwo" class="accordion-collapse collapse" aria-labelledby="headingTwo" data-bs-parent="#accordionExample">
<div class="accordion-body">
<br>
<p><strong>Overview:</strong> Stored cross-site scripting (XSS) in the embedded webserver of AKCP sensorProbe before SP480-20210624 enables remote authenticated attackers to introduce arbitrary JavaScript via the <code>Sensor Description</code>, <code>Email (from/to/cc)</code>, <code>System Name</code>, and <code>System Location</code> fields.</p>
<p> <strong>Credit: </strong> Tyler Butler</p>
<p> <strong>Disclosure Date: </strong> 2021-06-06</p>
<p><strong> Advisory Link: </strong> <a href="/2021/06/06/CVE-2021-35956.html">CVE-2021-35956</a></p>
</div>
</div>
</div>
</div>
<!-- End of Advisory Group -->
</div>
</div>
</section>

{% capture _graphics %}
{% include graphic-list-post.html graphics=page.graphics %}
{% endcapture %}

{% capture _graphics %}
{% include graphic-list.html graphics=page.graphics %}
{% endcapture %}

{% if page.graphics_position != 'after' %}
{{ _graphics }}
{% endif %}


{% if page.layout == 'post' %}
{{ content }}
{% else %}
<main id="main-content"{% for _attr in layout.main %} {{ _attr[0] }}="{{ _attr[1] }}"{% endfor %}>
{{ content }}
</main>
{% endif %}

{% if page.graphics_position == 'after' %}
{{ _graphics }}
{% endif %}

<section class="grid-container usa-section">
<div class="grid-row grid-gap" >
<div class="tablet:grid-col-4">
<h2 class="font-heading-xl margin-top-0 tablet:margin-bottom-0" id="{{page.featured | uri_escape }}">Connect on Twitter</h2>
</div>
<div class="tablet:grid-col-8 usa-prose">
<a class="twitter-timeline" href="https://twitter.com/Obsrva_?ref_src=twsrc%5Etfw">Tweets by Obsrva_</a> <script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
</div>
</div>
</section>


{% include footer.html %}

{% include scripts.html %}

</body>
</html>
9 changes: 9 additions & 0 deletions _layouts/home-page.html
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
---
layout: home
main:
class: usa-section
---

<div class="grid-container">
{{ content }}
</div>
Loading

0 comments on commit 953d1a6

Please sign in to comment.