Amendment: It's only handled correctly in the frontend if
comments.filters_enabled is false.
On Mon, 12 Jan 2009 11:37:42 +0100
Simon Josi wrote:
> XSS is possible in the admin part of the comments extensions.
>
> Reproduce:
> 1. Post a Comment with say "alert("oh my xss")"
> 2. Login as admin, go to comments tab
> 3. you see...
>
> In the frontend, the output is handled correctly.
> This gives an attacker the possibility to take over an admin account.
>
>
> /simon
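The defect described in the thread is a stored XSS: the admin comment listing renders the comment body without HTML-escaping it, while the frontend view does escape. The following Ruby is an added illustration, not code from Radiant or the comments extension; it assumes the admin view was a Rails 2 ERB template (where `<%= %>` does not escape) and reproduces the escaping that the `h()` helper performs, using a constructed comment body.

```ruby
require "erb"

# Constructed comment body (not taken from the report) that carries a script tag.
RAW_COMMENT = %q{Nice post <script>alert("oh my xss")</script>}

# Escape the five characters that can break out of HTML text or attribute
# context. This is the same transformation Rails' h() / html_escape applies.
def html_escape(text)
  text.to_s.gsub(/[&<>"']/, "&" => "&amp;", "<" => "&lt;", ">" => "&gt;",
                 '"' => "&quot;", "'" => "&#39;")
end

# Admin-style listing as the report describes it: the body is interpolated
# unescaped, so a script tag stored in the comment runs in the admin's browser.
VULNERABLE_TEMPLATE = ERB.new(<<~HTML)
  <tr><td><%= body %></td></tr>
HTML

# Fixed listing: the body is escaped before it reaches the page.
FIXED_TEMPLATE = ERB.new(<<~HTML)
  <tr><td><%= html_escape(body) %></td></tr>
HTML

# Render one table row for a comment body with the given template.
def render_admin_row(template, body)
  template.result_with_hash(body: body)
end

# Detection check for a rendered page: true if a live <script> element survived.
def contains_script_tag?(html)
  html.match?(/<script\b/i)
end

if __FILE__ == $PROGRAM_NAME
  puts render_admin_row(VULNERABLE_TEMPLATE, RAW_COMMENT)
  puts render_admin_row(FIXED_TEMPLATE, RAW_COMMENT)
end
```

The same check applies to every place a comment field (author name, URL, body) is echoed into admin HTML, not only the body column shown here.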
___
Radiant mailing list
Post: Radiant@radiantcms.org
Search: http://radiantcms.org/mailing-list/search/
Site: http://lists.radiantcms.org/mailman/listinfo/radiant