[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340 Jeroen De Dauw changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340 Jeroen De Dauw changed: What|Removed |Added Status|REOPENED|NEW --- Comment #7 from Jeroen De Dauw 2010-11-02 20:04:04 UTC --- Thanks for reporting this. The issue should be fixed after this commit: https://secure.wikimedia.org/wikipedia/mediawiki/wiki/Special:Code/MediaWiki/75871 -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340 david.pa...@commercebank.com changed: What|Removed |Added Status|RESOLVED|REOPENED Resolution|FIXED | --- Comment #6 from david.pa...@commercebank.com 2010-11-01 15:00:04 UTC --- We've found the same vulnerability in the 'default' input field on the ask screen. To Replicate: Go to: http://semantic-mediawiki.org/wiki/Special:Ask and enter: '>alert("CSS Vulnerability"); in the mainlabel, intro, outro, or default input fields. They all allow the script to execute when the results are returned. Dave -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340 Jeroen De Dauw changed: What|Removed |Added Status|REOPENED|RESOLVED Resolution||FIXED --- Comment #5 from Jeroen De Dauw 2010-09-30 22:02:37 UTC --- (In reply to comment #3) > I'm using 1.5.0 as is the semantic-mediawiki.org site. I just reproduced it at > the semantic-mediawiki site by going to > http://semantic-mediawiki.org/wiki/Special:Ask and putting the script code in > the query window. When I submitted the form, the response page displayed the > alert window in both Firefox and IE 6. > > Is there a later version of 1.5 that has this fixed? Oops - I meant that it was fixed in 1.5.1, not 1.5. You can confirm by trying out 1.5.1: http://en.openei.org/wiki/Special:Ask 1.5.2: http://smw.referata.com/wiki/Special:Ask -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340 p858snake changed: What|Removed |Added Status|RESOLVED|REOPENED CC||p858sn...@gmail.com Resolution|FIXED | --- Comment #4 from p858snake 2010-09-30 15:02:27 UTC --- (In reply to comment #3) > I'm using 1.5.0 as is the semantic-mediawiki.org site. I just reproduced it at > the semantic-mediawiki site by going to > http://semantic-mediawiki.org/wiki/Special:Ask and putting the script code in > the query window. When I submitted the form, the response page displayed the > alert window in both Firefox and IE 6. > > Is there a later version of 1.5 that has this fixed? Can confirm. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340 --- Comment #3 from david.pa...@commercebank.com 2010-09-30 14:53:43 UTC --- I'm using 1.5.0 as is the semantic-mediawiki.org site. I just reproduced it at the semantic-mediawiki site by going to http://semantic-mediawiki.org/wiki/Special:Ask and putting the script code in the query window. When I submitted the form, the response page displayed the alert window in both Firefox and IE 6. Is there a later version of 1.5 that has this fixed? -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340 Jeroen De Dauw changed: What|Removed |Added Status|ASSIGNED|RESOLVED Resolution||FIXED --- Comment #2 from Jeroen De Dauw 2010-09-29 22:44:18 UTC --- (In reply to comment #0) > If you enter: > > alert("CSS Vulnerability"); > > into the query window and click on the 'Find results' button, it will pop up > an > alert window the the 'CSS Vulnerability' message. > > This works on all versions of Media wiki and the semantic extensions I have > tried. > Works in both Firefox and IE. It looks like this vulnerability has already been fixed. I can not reproduce it using the latest SMW. I'm not sure, but suspect I fixed it in 1.5. What version are you using? -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340 Jeroen De Dauw changed: What|Removed |Added Priority|Normal |High Status|NEW |ASSIGNED CC||jeroen_ded...@yahoo.com, ||mar...@semantic-mediawiki.o ||rg AssignedTo|mar...@semantic-mediawiki.o |jeroen_ded...@yahoo.com |rg | Severity|normal |major --- Comment #1 from Jeroen De Dauw 2010-09-29 21:16:31 UTC --- (In reply to comment #0) > If you enter: > > alert("CSS Vulnerability"); > > into the query window and click on the 'Find results' button, it will pop up > an > alert window the the 'CSS Vulnerability' message. > > This works on all versions of Media wiki and the semantic extensions I have > tried. > Works in both Firefox and IE. Thanks for pointing this out. I will be fixing this today, and make a new SMW release soon afterwards. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340 MZMcBride changed: What|Removed |Added CC||b...@mzmcbride.com Summary|Cross Site Scripting|Cross-site scripting (XSS) |Vulnerability |vulnerability in Semantic ||MediaWiki -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l