** Changed in: mahara/17.10
       Status: In Progress => Fix Committed

** Information type changed from Private Security to Public Security

https://bugs.launchpad.net/bugs/1697308

Title:
  Potential attack vector via registration form

Status in Mahara:
  Fix Committed
Status in Mahara 15.04 series:
  Fix Released
Status in Mahara 16.04 series:
  Fix Released
Status in Mahara 16.10 series:
  Fix Released
Status in Mahara 17.04 series:
  Fix Released
Status in Mahara 17.10 series:
  Fix Committed

Bug description:
  As reported by Mushraf Mustafa

  By using something like

  Lastname: <img src='nothing' onerror='myFunction'>

  A user can submit a potentially dangerous payload to be saved as their name in
  the usr_registration table.
  The values are then also emailed out to the user and admin.

  And if accepted become part of the new user's account.

  We should clean up the submitted values from the form and remove any
  HTML tags and JavaScript code as that is not valid input.
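The clean-up the report asks for, as an added example written for this page rather than Mahara's own fix: a registration name field is decoded, stripped of HTML tags (which also removes any `on*` event handler living inside a tag), and rejected if nothing usable is left; a separate helper escapes the stored value whenever it is placed into an HTML email. The function names and the sample inputs are assumptions made here, not identifiers from the Mahara code base.

```php
<?php
// Added example, not Mahara's code. Sanitise a registration name field so that
// markup such as <img src='nothing' onerror='...'> never reaches the
// usr_registration table, the notification emails, or the new account.

/**
 * Return the name with all HTML tags removed and whitespace normalised.
 * Entities are decoded first so an encoded "&lt;img ...&gt;" cannot sneak a tag
 * past strip_tags() and be decoded later by an email or template layer.
 */
function clean_registration_name(string $value): string
{
    $decoded = html_entity_decode($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    $clean   = strip_tags($decoded);              // drops tags and their attributes
    $clean   = preg_replace('/\s+/u', ' ', $clean); // collapse runs of whitespace
    return trim($clean);
}

/**
 * Validate a submitted name. Returns null when the cleaned value is acceptable,
 * otherwise an error message for the form. A value that changes under cleaning
 * contained markup, which the report treats as invalid input rather than
 * something to silently repair.
 */
function validate_registration_name(string $value, int $maxlen = 255): ?string
{
    $clean = clean_registration_name($value);
    if ($clean === '') {
        return 'Name is required.';
    }
    if ($clean !== trim($value)) {
        return 'Name must not contain HTML or script.';
    }
    if (mb_strlen($clean, 'UTF-8') > $maxlen) {
        return 'Name is too long.';
    }
    return null;
}

/**
 * Escape a stored value for inclusion in an HTML email body. Output encoding
 * is still needed even after input cleaning, because a plain apostrophe or
 * ampersand in a legitimate name must not be interpreted as markup.
 */
function render_for_html_email(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Constructed sample submissions: the payload from the report plus ordinary names.
$samples = [
    'Smith',
    "O'Brien",
    "<img src='nothing' onerror='myFunction'>",
    'Smith<script>alert(1)</script>',
    '&lt;img src=x onerror=alert(1)&gt;',
];

foreach ($samples as $submitted) {
    $error = validate_registration_name($submitted);
    if ($error !== null) {
        printf("REJECT %-45s -> %s\n", var_export($submitted, true), $error);
        continue;
    }
    // Accepted values are stored as cleaned and escaped again on output.
    $stored = clean_registration_name($submitted);
    printf("ACCEPT %-45s -> stored %s, email %s\n",
        var_export($submitted, true), var_export($stored, true),
        render_for_html_email($stored));
}
```

Running this accepts `Smith` and `O'Brien` (the latter is emailed as `O&#039;Brien`), and rejects the three markup-bearing inputs: the `<img>` payload cleans to an empty string, the `<script>` case cleans to `Smithalert(1)` because strip_tags() keeps text between tags, and the entity-encoded variant is caught only because decoding happens before stripping. Rejecting rather than silently storing the stripped text keeps the form's error visible to the user and avoids persisting a partially mangled name.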

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1697308/+subscriptions
