Bug Tracker

Ticket #12254 (closed bug: fixed)

Opened 2 years ago

Last modified 2 years ago

Reflected XSS

Reported by: cloudsrise Owned by: cloudsrise
Priority: low Milestone: 1.9
Component: build Version: git
Keywords: Cc:
Blocking: Blocked by:

Description

Line 59 of polluted.php sends unvalidated data to a web browser, which can result in the browser executing malicious code.

Change History

comment:1 Changed 2 years ago by rwaldron

  • Status changed from new to closed
  • Resolution set to invalid

polluted.php exists solely to be used by the test suite.

comment:2 Changed 2 years ago by anonymous

While I would love to agree with you, user behavior dictates otherwise. It isn't clear to me they are knowingly putting themselves at risk with regards to XSS and this public exploit.  http://www.google.com/search?q=inurl:polluted.php should give you a few examples where we see unexpected test suite deployment behavior.

comment:3 Changed 2 years ago by dmethvin

  • Status changed from closed to reopened
  • Resolution invalid deleted

comment:4 Changed 2 years ago by dmethvin

  • Owner set to cloudsrise
  • Status changed from reopened to pending

Okay, do you have a proposed fix?

comment:5 follow-up: ↓ 6 Changed 2 years ago by anonymous

Validate and sanitize the input / output.

comment:6 in reply to: ↑ 5 Changed 2 years ago by dmethvin

  • Status changed from pending to open

I was kind of hoping for a pull request... :)

comment:7 Changed 2 years ago by dmethvin

  • Priority changed from undecided to low
  • Component changed from unfiled to core

comment:8 Changed 2 years ago by dmethvin

  • Component changed from core to build

comment:9 Changed 2 years ago by dmethvin

Honestly, cloudsrise, we could use a pull request here if you're interested.

comment:11 Changed 2 years ago by mikesherov

  • Status changed from open to closed
  • Resolution set to fixed
  • Milestone changed from None to 1.9
Note: See TracTickets for help on using tickets.