Bug #13060 (closed)

Potential XSS from URL and URL Table alias URLs

Added by Jim Pingle almost 2 years ago. Updated about 1 year ago.

Status: Resolved
Priority: High
Assignee:
Category: Aliases / Tables
Target version:
Start date:
Due date:
% Done: 100%
Estimated time:
Plus Target Version: 22.05
Release Notes: Default
Affected Version:
Affected Architecture:

Description

The URL from a URL or URL Table type alias is not sanitized before display on firewall_alias.php, which can potentially lead to a stored XSS when viewing the list of aliases on the URL or All tabs.

The URL from a URL table alias is also not sanitized when included in the alias popup on various firewall and NAT rule pages, but that mechanism has its own safety measures which prevent it from being a concern there. Even so, it's best to encode it in the popup.
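The fix described above is output encoding: the stored URL must be HTML-encoded at the point where it is written into the page. The following PHP is an added illustration written for this report, not code from pfSense or from firewall_alias.php. It assumes a hypothetical alias array with `name`, `type` and `url` keys (shaped like, but not copied from, a pfSense configuration) and uses constructed sample data; `encode_html`, `safe_href`, `render_alias_row` and `render_url_aliases` are names chosen for this example.

```php
<?php
// Added example (not pfSense code): HTML-encode alias URLs before they are
// placed in page markup, so a URL stored in the configuration is shown as
// text instead of being interpreted as HTML when the alias list renders.

// Encode a value for an HTML text or attribute context. ENT_QUOTES also
// encodes single quotes, which matters inside attributes, and
// ENT_SUBSTITUTE prevents invalid UTF-8 from yielding an empty string.
function encode_html(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// A URL used as an href needs the same encoding plus a scheme check, since
// encoding alone does not stop a non-http(s) scheme from being followed.
// Returns '' when the URL should not be emitted as a clickable link.
function safe_href(string $url): string {
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (!in_array($scheme, ['http', 'https'], true)) {
        return '';
    }
    return encode_html($url);
}

// Render one table row. Every interpolated field is encoded, including the
// URL field that this report is about; it is shown as text and, when the
// scheme is acceptable, additionally as a link.
function render_alias_row(array $alias): string {
    $name = encode_html($alias['name']);
    $type = encode_html($alias['type']);
    $url  = encode_html($alias['url']);
    $href = safe_href($alias['url']);
    $cell = $href !== '' ? "<a href=\"{$href}\">{$url}</a>" : $url;
    return "<tr><td>{$name}</td><td>{$type}</td><td>{$cell}</td></tr>\n";
}

// Render the rows of a "URL" tab: only URL and URL Table aliases.
function render_url_aliases(array $aliases): string {
    $out = '';
    foreach ($aliases as $alias) {
        if (in_array($alias['type'], ['url', 'urltable'], true)) {
            $out .= render_alias_row($alias);
        }
    }
    return $out;
}

// Constructed sample aliases for this example. The second entry carries
// markup in its URL field; the third has a scheme that must not become a link.
$sample_aliases = [
    ['name' => 'blocklist', 'type' => 'urltable',
     'url'  => 'https://lists.example.invalid/blocklist.txt'],
    ['name' => 'odd_url', 'type' => 'url',
     'url'  => 'https://example.invalid/x?q=<script>alert(1)</script>'],
    ['name' => 'odd_scheme', 'type' => 'url',
     'url'  => 'javascript:alert(1)'],
    ['name' => 'lan_hosts', 'type' => 'host', 'url' => ''],
];

$html = render_url_aliases($sample_aliases);
echo $html;

// Sanity checks on the rendered markup: no raw tag from the stored URL
// survives, and the non-http(s) URL is not emitted as an href.
assert(strpos($html, '<script>') === false);
assert(strpos($html, 'href="javascript:') === false);
assert(substr_count($html, '<tr>') === 3);
```

The encoding is applied at output time, not when the alias is saved: the stored value stays as the user entered it, and every page that prints it (the alias table, the rule-page popup) encodes it for its own context.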

#1

Updated by Jim Pingle almost 2 years ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

#2

Updated by Jim Pingle almost 2 years ago

  • Status changed from Feedback to Resolved

No issues on current snapshots

#4

Updated by Jim Pingle about 1 year ago

  • Private changed from Yes to No