Project

General

Profile

Bug #7998

XSS in widgetkey parameter of multi-instance dashboard widgets

Added by Jim Pingle almost 2 years ago. Updated over 1 year ago.

Status:
Resolved
Priority:
Urgent
Assignee:
Category:
Dashboard
Target version:
Start date:
10/24/2017
Due date:
% Done:

100%

Estimated time:
Affected Version:
2.4.x
Affected Architecture:
All

Description

Widgets that populate $widgetkey from $_REQUEST are vulnerable to XSS

Test query: /widgets/widgets/interfaces.widget.php?widgetkey=<script>alert("XSS")</script>

Only affects 2.4.x

Associated revisions

Revision e3907730 (diff)
Added by Jim Pingle almost 2 years ago

Encode uses of $widgetkey in various contexts so it isn't echoed back to the user raw. Fixes #7998

Revision 8b4c14f5 (diff)
Added by Jim Pingle almost 2 years ago

Encode uses of $widgetkey in various contexts so it isn't echoed back to the user raw. Fixes #7998

(cherry picked from commit e3907730bdcc879f968d5d917ec9ac6567518e58)

History

#1 Updated by Jim Pingle almost 2 years ago

  • Status changed from Confirmed to Feedback
  • % Done changed from 0 to 100

#2 Updated by Jim Pingle almost 2 years ago

  • Status changed from Feedback to Resolved

#3 Updated by Jim Pingle over 1 year ago

  • Private changed from Yes to No

Also available in: Atom PDF