Bug Tracker

Ticket #3728 (closed enhancement: invalid)

Opened 4 years ago

Last modified 4 years ago

[autocomplete] - Cross-Site Scripting (XSS) Security Fix Suggestion

Reported by: richapps
Owned by:
Priority: major
Milestone: 1.3
Component: plugin
Version: 1.2.6
Keywords: security, xss, autocomplete, cross-site
Cc: richapps@…
Blocking:
Blocked by:

Description

When the loaded data for autocomplete contains special characters, it exposes a cross-site scripting vulnerability. A simple fix is to escape certain characters (<, >, ") before they are applied to the screen. This will prevent unwanted malicious script executions.

On line 367 of version 1.0.2, replace the line:

var rows = data.split("\n");

with this line:

var rows = data.replace(/\</g,'&lt;').replace(/\>/g,'&gt;').replace(/\"/g,'&quot;').split("\n");
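The escape-then-split approach from the description, as an added example that is not the autocomplete plugin's own code. It goes slightly beyond the ticket's one-liner by also escaping `&` and `'`, so that already-escaped text and attribute contexts are handled as well; `parseRows`, `renderRows` and the sample data are assumptions made for this illustration.

```javascript
// Added example (not the plugin's code): escape newline-delimited
// autocomplete data before it is split into rows and written as HTML.

// Characters that carry meaning in HTML text and attribute contexts.
// The ticket escapes <, > and "; & and ' are added here so that
// ampersands are not double-interpreted and single-quoted attributes are safe.
const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;',
};

// Escape one string for safe insertion into HTML.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Split the raw response into rows and escape each row. Empty rows
// (for example from a trailing newline) are dropped.
function parseRows(data) {
  return data
    .split('\n')
    .filter((row) => row.length > 0)
    .map((row) => escapeHtml(row));
}

// Build the list markup the plugin would insert. Because every row is
// escaped first, markup carried in the data is rendered as literal text.
function renderRows(data) {
  const items = parseRows(data).map((row) => '<li>' + row + '</li>');
  return '<ul>' + items.join('') + '</ul>';
}

// Constructed sample input (hypothetical): a benign row, a row carrying
// markup, and a row with quotes and an ampersand.
const SAMPLE_DATA = 'apple\n<b>not bold</b>\n"quoted" & \'single\'\n';

console.log(renderRows(SAMPLE_DATA));
```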

Change History

comment:1 Changed 4 years ago by dmethvin

  • Status changed from new to closed
  • Resolution set to invalid

This is not a jQuery core bug. Please report plugin bugs to the plugin's author, or ask on the jQuery forums. jQuery UI bugs should be reported on the UI bug tracker, http://dev.jqueryui.com.

Please follow the bug reporting guidelines and use jsFiddle when providing test cases and demonstrations instead of pasting the code in the ticket.
