[ 
http://jira.magnolia-cms.com/browse/MGNLSTK-660?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Philipp Bärfuss closed MGNLSTK-660.
-----------------------------------

    Resolution: Cannot Reproduce

Definitely not reproducible with 1.3.1.

Test same request on demo:

http://demopublic.magnolia-cms.com/demo-project/service/search-result.html?queryStr=%22%3E%3Cscript%3Edocument.write%28%27%3Cobject+width%3D%22480%22+height%3D%22385%22%3E%3Cparam+name%3D%22movie%22+value%3D%22http%3A%2F%2Fwww.youtube.com%2Fv%2FiwGFalTRHDA%26amp%3Bhl%3Den_US%26amp%3Bfs%3D1%22%3E%3C%2Fparam%3E%3Cparam+name%3D%22allowFullScreen%22+value%3D%22true%22%3E%3C%2Fparam%3E%3Cparam+name%3D%22allowscriptaccess%22+value%3D%22always%22%3E%3C%2Fparam%3E%3Cembed+src%3D%22http%3A%2F%2Fwww.youtube.com%2Fv%2FiwGFalTRHDA%26amp%3Bhl%3Den_US%26amp%3Bfs%3D1%22+type%3D%22application%2Fx-shockwave-flash%22+allowscriptaccess%3D%22always%22+allowfullscreen%3D%22true%22+width%3D%22480%22+height%3D%22385%22%3E%3C%2Fembed%3E%3C%2Fobject%3E%27%29%3B%3C%2Fscript%3E

> XSS leak in standard search field
> ---------------------------------
>
>                 Key: MGNLSTK-660
>                 URL: http://jira.magnolia-cms.com/browse/MGNLSTK-660
>             Project: Magnolia Standard Templating Kit
>          Issue Type: Bug
>    Affects Versions: 1.3.1
>            Reporter: Hay Kranen
>            Assignee: Philipp Bärfuss
>            Priority: Critical
>
> HTML content is not escaped in the two search fields in the default STK site 
> (the default one at the top, and the one on the bottom on the results page). 
> E.g., search for
> "><script>alert("xss");</script>
> This works on the live Magnolia-cms.com site:
> http://www.magnolia-cms.com/home/top-level/searchResult.html?queryStr=%22%3E%3Cscript%3Edocument.write%28%27%3Cobject+width%3D%22480%22+height%3D%22385%22%3E%3Cparam+name%3D%22movie%22+value%3D%22http%3A%2F%2Fwww.youtube.com%2Fv%2FiwGFalTRHDA%26amp%3Bhl%3Den_US%26amp%3Bfs%3D1%22%3E%3C%2Fparam%3E%3Cparam+name%3D%22allowFullScreen%22+value%3D%22true%22%3E%3C%2Fparam%3E%3Cparam+name%3D%22allowscriptaccess%22+value%3D%22always%22%3E%3C%2Fparam%3E%3Cembed+src%3D%22http%3A%2F%2Fwww.youtube.com%2Fv%2FiwGFalTRHDA%26amp%3Bhl%3Den_US%26amp%3Bfs%3D1%22+type%3D%22application%2Fx-shockwave-flash%22+allowscriptaccess%3D%22always%22+allowfullscreen%3D%22true%22+width%3D%22480%22+height%3D%22385%22%3E%3C%2Fembed%3E%3C%2Fobject%3E%27%29%3B%3C%2Fscript%3E
> Related to issue MGNLSTK-617

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://jira.magnolia-cms.com/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
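
Added example, not part of the original message and not Magnolia STK code: a repeatable check for the behaviour the report describes, useful when a ticket like this is closed as "Cannot Reproduce". It renders a hypothetical results page with the two search fields, echoes the report's short probe raw and escaped, and parses the result to see whether the value stayed inside the attribute. The host, template and function names are assumptions.

```python
import html
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

# Constructed URL: the short probe quoted in the report, on a placeholder host.
PROBE_URL = ("http://stk.example.invalid/searchResult.html"
             "?queryStr=%22%3E%3Cscript%3Ealert%28%22xss%22%29%3B%3C%2Fscript%3E")

# Hypothetical results-page template with the two search fields (top and bottom).
FIELD = '<input type="text" name="queryStr" value="{v}"/>'
PAGE = ("<html><body><form>" + FIELD + "</form><p>Results</p>"
        "<form>" + FIELD + "</form></body></html>")


def query_value(url, name="queryStr"):
    """Decode the search parameter the way the server would receive it."""
    return parse_qs(urlsplit(url).query)[name][0]


def render(query, escape):
    """Render the page with the query echoed raw or HTML-attribute-escaped."""
    value = html.escape(query, quote=True) if escape else query
    return PAGE.replace("{v}", value)


class FieldAudit(HTMLParser):
    """Collect what an HTML parser sees: search field values and script tags."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.values, self.scripts = [], 0

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.scripts += 1
        elif tag == "input" and dict(attrs).get("name") == "queryStr":
            self.values.append(dict(attrs).get("value"))


def reflection_contained(body, query, fields=2):
    """True only if every field holds the query verbatim and no script tag exists."""
    audit = FieldAudit()
    audit.feed(body)
    audit.close()
    return audit.values == [query] * fields and audit.scripts == 0


if __name__ == "__main__":
    q = query_value(PROBE_URL)
    print("raw echo contained:    ", reflection_contained(render(q, False), q))
    print("escaped echo contained:", reflection_contained(render(q, True), q))
```

Run against a saved response body from the instance under test instead of `render(...)` to record which version and template produced a contained or uncontained reflection.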


