Skip to main content

Bug Tracker

Side navigation

#12254 closed bug (fixed)

Opened August 10, 2012 08:09PM UTC

Closed October 26, 2012 01:12PM UTC

Reflected XSS

Reported by: cloudsrise Owned by: cloudsrise
Priority: low Milestone: 1.9
Component: build Version: git
Keywords: Cc:
Blocked by: Blocking:
Description

Line 59 of polluted.php sends unvalidated data to a web browser, which can result in the browser executing malicious code.

Attachments (0)
Change History (11)

Changed August 10, 2012 08:24PM UTC by rwaldron comment:1

resolution: → invalid
status: newclosed

polluted.php exists solely to be used by the test suite.

Changed August 22, 2012 06:16AM UTC by anonymous comment:2

While I would love to agree with you, user behavior dictates otherwise. It isn't clear to me they are knowingly putting themselves at risk with regards to XSS and this public exploit. http://www.google.com/search?q=inurl:polluted.php should give you a few examples where we see unexpected test suite deployment behavior.

Changed August 22, 2012 12:39PM UTC by dmethvin comment:3

resolution: invalid
status: closedreopened

Changed August 22, 2012 12:40PM UTC by dmethvin comment:4

owner: → cloudsrise
status: reopenedpending

Okay, do you have a proposed fix?

Changed August 23, 2012 12:01AM UTC by anonymous comment:5

Validate and sanitize the input / output.

Changed August 23, 2012 12:02AM UTC by dmethvin comment:6

status: pendingopen

I was kind of hoping for a pull request... :)

Changed August 23, 2012 12:03AM UTC by dmethvin comment:7

component: unfiledcore
priority: undecidedlow

Changed August 23, 2012 12:04AM UTC by dmethvin comment:8

component: corebuild

Changed August 24, 2012 01:53AM UTC by dmethvin comment:9

Honestly, cloudsrise, we could use a pull request here if you're interested.

Changed August 24, 2012 07:41AM UTC by Markus.Staab comment:10

Changed October 26, 2012 01:12PM UTC by mikesherov comment:11

milestone: None1.9
resolution: → fixed
status: openclosed