Unsanitized Javascript in path #211

stevenrombauts · 2015-11-23T12:30:59Z

Adding the string "><script>alert('Oops!')</script> to any path on v2 sites gets the JS code to be executed.

Example:

Source:

The text was updated successfully, but these errors were encountered:

stevenrombauts · 2015-11-24T13:39:10Z

Code has been patched and issues resolved.

johanjanssens · 2015-11-25T00:02:15Z

@stevenrombauts Did you also email the organisation who reported it that it was fixed ?

stevenrombauts · 2015-11-25T17:31:27Z

@johanjanssens I sent a message to the researcher who discovered it. He verified the fix (also verified on xssposed.org)

johanjanssens · 2015-11-25T18:08:11Z

Thanks, good work!

stevenrombauts added the priority label Nov 23, 2015

stevenrombauts self-assigned this Nov 23, 2015

stevenrombauts added this to the Current milestone Nov 23, 2015

stevenrombauts pushed a commit that referenced this issue Nov 24, 2015

#211 - Escape all attributes with url() as value

8eace6c

tomjanssens changed the title ~~Unsanitized javascript in path~~ Unsanitized Javascript in path Nov 24, 2015

stevenrombauts closed this as completed Nov 24, 2015

tomjanssens unassigned stevenrombauts Nov 26, 2015

tomjanssens modified the milestones: Current, v2.10 May 2, 2016

Provide feedback