Bug Tracker

Opened 10 years ago

Closed 10 years ago

#12254 closed bug (fixed)

Reflected XSS

Reported by: cloudsrise Owned by: cloudsrise
Priority: low Milestone: 1.9
Component: build Version: git
Keywords: Cc:
Blocked by: Blocking:

Description

Line 59 of polluted.php sends unvalidated data to a web browser, which can result in the browser executing malicious code.

Change History (11)

comment:1 Changed 10 years ago by Rick Waldron

Resolution: invalid
Status: newclosed

polluted.php exists solely to be used by the test suite.

comment:2 Changed 10 years ago by anonymous

While I would love to agree with you, user behavior dictates otherwise. It isn't clear to me they are knowingly putting themselves at risk with regards to XSS and this public exploit. http://www.google.com/search?q=inurl:polluted.php should give you a few examples where we see unexpected test suite deployment behavior.

comment:3 Changed 10 years ago by dmethvin

Resolution: invalid
Status: closedreopened

comment:4 Changed 10 years ago by dmethvin

Owner: set to cloudsrise
Status: reopenedpending

Okay, do you have a proposed fix?

comment:5 Changed 10 years ago by anonymous

Validate and sanitize the input / output.

comment:6 in reply to:  5 Changed 10 years ago by dmethvin

Status: pendingopen

I was kind of hoping for a pull request... :)

comment:7 Changed 10 years ago by dmethvin

Component: unfiledcore
Priority: undecidedlow

comment:8 Changed 10 years ago by dmethvin

Component: corebuild

comment:9 Changed 10 years ago by dmethvin

Honestly, cloudsrise, we could use a pull request here if you're interested.

comment:11 Changed 10 years ago by mikesherov

Milestone: None1.9
Resolution: fixed
Status: openclosed
Note: See TracTickets for help on using tickets.