Bug Tracker

Modify

Ticket #12254 (closed bug: fixed)

Opened 10 months ago

Last modified 7 months ago

Reflected XSS

Reported by: cloudsrise Owned by: cloudsrise
Priority: low Milestone: 1.9
Component: build Version: git
Keywords: Cc:
Blocking: Blocked by:

Description

Line 59 of polluted.php sends unvalidated data to a web browser, which can result in the browser executing malicious code.

Change History

comment:1 Changed 10 months ago by rwaldron

  • Status changed from new to closed
  • Resolution set to invalid

polluted.php exists solely to be used by the test suite.

comment:2 Changed 9 months ago by anonymous

While I would love to agree with you, user behavior dictates otherwise. It isn't clear to me they are knowingly putting themselves at risk with regards to XSS and this public exploit.  http://www.google.com/search?q=inurl:polluted.php should give you a few examples where we see unexpected test suite deployment behavior.

comment:3 Changed 9 months ago by dmethvin

  • Status changed from closed to reopened
  • Resolution invalid deleted

comment:4 Changed 9 months ago by dmethvin

  • Owner set to cloudsrise
  • Status changed from reopened to pending

Okay, do you have a proposed fix?

comment:5 follow-up: ↓ 6 Changed 9 months ago by anonymous

Validate and sanitize the input / output.

comment:6 in reply to: ↑ 5 Changed 9 months ago by dmethvin

  • Status changed from pending to open

I was kind of hoping for a pull request... :)

comment:7 Changed 9 months ago by dmethvin

  • Priority changed from undecided to low
  • Component changed from unfiled to core

comment:8 Changed 9 months ago by dmethvin

  • Component changed from core to build

comment:9 Changed 9 months ago by dmethvin

Honestly, cloudsrise, we could use a pull request here if you're interested.

comment:11 Changed 7 months ago by mikesherov

  • Status changed from open to closed
  • Resolution set to fixed
  • Milestone changed from None to 1.9

This was fixed in  https://github.com/jquery/jquery/commit/b62e5522910766a8fb9f1cf29e069360ae75a902 which incorrectly references #12554

Please follow the  bug reporting guidlines and use  jsFiddle when providing test cases and demonstrations instead of pasting the code in the ticket.

View

Add a comment

Modify Ticket

Action
as closed
Author


E-mail address and user name can be saved in the Preferences.

Attachments
 
Note: See TracTickets for help on using tickets.