** Changed in: mahara/1.3
       Status: In Progress => Fix Released

** Visibility changed to: Public

-- 
You received this bug notification because you are a member of Mahara
Core, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/798136

Title:
  XSS in URI attributes in the externalfeed block

Status in Mahara ePortfolio:
  Fix Released
Status in Mahara 1.3 series:
  Fix Released

Bug description:
  I have the following "item" snippet in an RSS feed:

      <item>
          <title>PS3 and Lara Croft</title>
          <pubDate>Wed, 29 Sep 2010 18:44:15 +0300</pubDate>
          <description>Description</description>
          <link>javascript:alert(1)</link>
          <guid>javascript:alert(1)</guid>
          <comments>http://www.example.net/7606/#comments</comments>
      </item>

  When the link is created for an RSS item, a guid with the javascript:
  protocol is left as such. So an attacker can create a group, link their
  own carefully crafted RSS feed, load it onto a group page, and when a
  user clicks a news item from it, the XSS is executed.

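The fix for this class of bug is not to escape the feed URL but to refuse it unless its scheme is on an allowlist. The following is an added example written for this page, not Mahara's externalfeed code: a scheme allowlist check (http/https only) applied to the item's link and guid before either is used as an href, with the reporter's item embedded in a constructed sample feed. The function names (safe_href, item_links, render_item) and the link-before-guid preference are assumptions made for the example.

```python
import html
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Only absolute http(s) URLs may become an href. javascript:, data:, vbscript:
# and scheme-relative "//host" values are dropped outright, not "cleaned".
SAFE_SCHEMES = {"http", "https"}


def safe_href(url):
    """Return the URL if it is safe to place in an href attribute, else None."""
    if url is None:
        return None
    # Browsers ignore tab/CR/LF anywhere in a URL and surrounding whitespace,
    # so " java\tscript:" still executes; normalise before checking the scheme.
    cleaned = url.replace("\t", "").replace("\n", "").replace("\r", "").strip()
    try:
        parts = urlsplit(cleaned)  # urlsplit lower-cases the scheme for us
    except ValueError:             # e.g. malformed IPv6 literal
        return None
    if parts.scheme not in SAFE_SCHEMES or not parts.netloc:
        return None
    return cleaned


def item_links(rss_text):
    """Map each <item> to (title, href-or-None).

    <link> is tried before <guid>; that order is an assumption of this example.
    """
    root = ET.fromstring(rss_text)
    result = []
    for item in root.iter("item"):
        title = (item.findtext("title") or "").strip()
        href = None
        for tag in ("link", "guid"):
            href = safe_href(item.findtext(tag))
            if href:
                break
        result.append((title, href))
    return result


def render_item(title, href):
    """Render one entry; with no safe href the title is emitted as plain text."""
    text = html.escape(title, quote=True)
    if href is None:
        return "<li>%s</li>" % text
    return '<li><a href="%s">%s</a></li>' % (html.escape(href, quote=True), text)


# Constructed sample feed: the reporter's item, a benign item, and one that
# tries the usual case/whitespace evasions.
SAMPLE_RSS = """<rss version="2.0"><channel>
<item>
  <title>PS3 and Lara Croft</title>
  <pubDate>Wed, 29 Sep 2010 18:44:15 +0300</pubDate>
  <description>Description</description>
  <link>javascript:alert(1)</link>
  <guid>javascript:alert(1)</guid>
  <comments>http://www.example.net/7606/#comments</comments>
</item>
<item>
  <title>Benign</title>
  <link>http://www.example.net/7607/</link>
  <guid>http://www.example.net/7607/</guid>
</item>
<item>
  <title>Evasion</title>
  <link>  JaVa\tScRiPt:alert(2)</link>
  <guid>data:text/html,&lt;script&gt;alert(3)&lt;/script&gt;</guid>
</item>
</channel></rss>"""

if __name__ == "__main__":
    for title, href in item_links(SAMPLE_RSS):
        print(render_item(title, href))
```

An item whose link and guid are both unsafe is still displayed, just without an anchor, so a hostile feed cannot make the block disappear either. Entity-encoded schemes are not a separate case here because the XML parser decodes entities before the string reaches safe_href.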