Bug #6154 (closed)

Notices are displaying raw HTML (interpreted by the browser), potential XSS vector

Added by Jim Pingle about 8 years ago. Updated about 7 years ago.

Status: Resolved
Priority: Normal
Category: Web Interface
Target version:
Start date: 04/14/2016
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version: 2.3
Affected Architecture:

Description

The text of a notice is displayed exactly as passed in, unescaped, presumably to allow for links in the notice text. At least one place that files notices -- the AutoConfigBackup package -- is passing through raw HTML from a server response, which breaks the display and is a potential XSS vector.

Fixing ACB may be good enough, though displaying notice text unescaped still seems a bit dangerous; maybe only allow certain tags like "a" to show through, and strip out anything like script tags or onload attributes? Needs some thought.
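As an added illustration of the allowlist approach the description suggests (this is not pfSense's own code; the webGUI is written in PHP, and this is a Python sketch of the policy, not a patch), the sanitizer below rebuilds a notice from scratch: text is always escaped, only `<a>` and `<br>` are kept, the only attribute kept is `href` on `<a>` and only when it is an `http`/`https` URL or a same-origin path, and the contents of `<script>`/`<style>` are dropped entirely. The allowed tag set, the `href` policy, the page path and the sample notice string are all constructed for this example. The unsanitized renderer is included only to show the current behaviour side by side.

```python
import html
from html.parser import HTMLParser
from urllib.parse import urlparse

# Policy (an assumption for this illustration, following the report's suggestion):
# keep <a> and <br>, keep only href on <a>, and only when it points at
# http(s) or a same-origin path. Everything else is dropped.
ALLOWED_TAGS = {"a", "br"}
ALLOWED_ATTRS = {"a": {"href"}}
SAFE_SCHEMES = {"http", "https"}
# The contents of these elements are dropped entirely, not just the tags.
DROP_CONTENT_TAGS = {"script", "style"}


def render_notice_unsanitized(text: str) -> str:
    """The behaviour the report describes: notice text reaches the page as passed."""
    return text


def _safe_href(url: str) -> bool:
    """Allow absolute http(s) URLs and same-origin paths such as /some_page.php.
    Anything else (javascript:, data:, protocol-relative //host) is rejected.
    """
    parsed = urlparse(url.strip())
    if parsed.scheme.lower() in SAFE_SCHEMES:
        return True
    return (parsed.scheme == "" and parsed.netloc == ""
            and parsed.path.startswith("/") and not parsed.path.startswith("//"))


class NoticeSanitizer(HTMLParser):
    """Re-emits the notice as escaped text plus the allowlisted tags only."""

    def __init__(self) -> None:
        super().__init__(convert_charrefs=True)
        self.out: list[str] = []
        self.open_tags: list[str] = []   # allowlisted tags emitted and not yet closed
        self.skip_depth = 0              # > 0 while inside <script>/<style>

    def handle_starttag(self, tag, attrs):
        if tag in DROP_CONTENT_TAGS:
            self.skip_depth += 1
            return
        if self.skip_depth or tag not in ALLOWED_TAGS:
            return                       # drop the tag itself, keep the escaped text inside it
        if tag == "br":
            self.out.append("<br>")
            return
        kept = []
        for name, value in attrs:        # HTMLParser lowercases names and decodes entities
            if name in ALLOWED_ATTRS.get(tag, set()) and value is not None:
                if name == "href" and not _safe_href(value):
                    continue             # e.g. href="javascript:..." is dropped
                kept.append(f' {name}="{html.escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")
        self.open_tags.append(tag)

    def handle_endtag(self, tag):
        if tag in DROP_CONTENT_TAGS:
            self.skip_depth = max(0, self.skip_depth - 1)
            return
        if self.skip_depth or tag not in self.open_tags:
            return
        while self.open_tags:            # close anything still open inside it as well
            closed = self.open_tags.pop()
            self.out.append(f"</{closed}>")
            if closed == tag:
                break

    def handle_data(self, data):
        if not self.skip_depth:
            self.out.append(html.escape(data, quote=False))

    def result(self) -> str:
        self.close()
        while self.open_tags:            # never let an unclosed <a> leak into the rest of the page
            self.out.append(f"</{self.open_tags.pop()}>")
        return "".join(self.out)


def sanitize_notice(text: str) -> str:
    parser = NoticeSanitizer()
    parser.feed(text)
    return parser.result()


# Constructed sample resembling what a misbehaving package might file as a notice.
SAMPLE_NOTICE = ('Backup <b>failed</b>: <script>alert(1)</script>see '
                 '<a href="https://example.com/log" onclick="evil()">log</a>')

if __name__ == "__main__":
    print(render_notice_unsanitized(SAMPLE_NOTICE))
    print(sanitize_notice(SAMPLE_NOTICE))
```

The design choice worth noting is that this is an allowlist, not a blocklist: rather than trying to enumerate dangerous tags and event-handler attributes, everything is dropped unless it is explicitly permitted, so a `<img onerror>` or an entity-encoded `javascript:` scheme never needs a special case. Because the parser decodes entities in attribute values before `_safe_href` sees them, an encoded scheme is checked in its decoded form.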
