Public bug reported:

Reported by Emanuel Bronshtein:

> In Linux it is possible to create folders and filenames with names
> containing an unclosed HTML tag.
> By creating a folder named: <img src=0 onerror=alert(1)>, and copying
> the Mahara installation folder to it,
> JavaScript code is executed by visiting the main\installation page.
> http://localhost/M/";><img src=X onerror=alert(7)>/mahara-1.5.1/htdocs/admin/
> The HTML code (from the URI) is inserted into the database inside the wwwroot
> configuration, and is then printed to the pages without escaping.

** Affects: mahara
     Importance: Low
         Status: Triaged

** Description changed:

- Reported by Emanual Bronshtein:
+ Reported by Emanuel Bronshtein:
  
  > in linux OS it possible to create folder and filenames with name
  > contain a unclosed HTML tag.
  > by creating a folder name: <img src=0 onerror=alert(1)>, and copied
  > the mahara installation folder to it.
  > JavaScript code executed by visiting main\installation page.
  > http://localhost/M/";><img src=X onerror=alert(7)>/mahara-
  > 1.5.1/htdocs/admin/
  > the HTML code (from URI) is inserted to database inside wwwroot
  > configuration, which then printed to the pages without escaping.

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/1014854

Title:
  HTML tags in installation folder (!)

Status in Mahara ePortfolio:
  Triaged
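
The pattern the report describes (a wwwroot taken from the request URI, stored, then printed unescaped) is shown here beside an escaped rendering and an install-time check. This is an added PHP example, not Mahara's code: the function names, the link markup and the validation pattern are assumptions for illustration, and the first sample value is built from the URL in the report.

```php
<?php
// Added illustration: function names and markup are hypothetical, not Mahara's API.

// Before: the stored wwwroot is concatenated into an attribute as-is.
function render_admin_link_unescaped(string $wwwroot): string
{
    return '<a href="' . $wwwroot . 'admin/">Administration</a>';
}

// After: encode for the HTML attribute context every time the value is printed.
function render_admin_link_escaped(string $wwwroot): string
{
    $attr = htmlspecialchars($wwwroot, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<a href="' . $attr . 'admin/">Administration</a>';
}

// Defence in depth: before saving a request-derived wwwroot, accept only
// scheme, host, optional port and a path of unreserved characters and slashes.
function is_acceptable_wwwroot(string $wwwroot): bool
{
    $pattern = '#^https?://[A-Za-z0-9.-]+(:[0-9]{1,5})?(/[A-Za-z0-9._~/-]*)?$#D';
    return preg_match($pattern, $wwwroot) === 1;
}

// Constructed inputs: the directory name from the report, and a plain install path.
$samples = [
    'http://localhost/M/";><img src=X onerror=alert(7)>/mahara-1.5.1/htdocs/',
    'http://localhost/mahara-1.5.1/htdocs/',
];

foreach ($samples as $wwwroot) {
    echo 'wwwroot:    ', $wwwroot, PHP_EOL;
    echo 'accepted:   ', is_acceptable_wwwroot($wwwroot) ? 'yes' : 'no', PHP_EOL;
    echo 'unescaped:  ', render_admin_link_unescaped($wwwroot), PHP_EOL;
    echo 'escaped:    ', render_admin_link_escaped($wwwroot), PHP_EOL, PHP_EOL;
}
```

For the first sample the check returns "no" and the escaped link keeps the whole value inside the href attribute, while the unescaped link closes the attribute early.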
