[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki

2011-02-02 Thread bugzilla-daemon
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340

Jeroen De Dauw  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||FIXED

-- 
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l


[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki

2010-11-02 Thread bugzilla-daemon
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340

Jeroen De Dauw  changed:

   What|Removed |Added

 Status|REOPENED|NEW

--- Comment #7 from Jeroen De Dauw  2010-11-02 20:04:04 UTC ---
Thanks for reporting this.

The issue should be fixed after this commit:
https://secure.wikimedia.org/wikipedia/mediawiki/wiki/Special:Code/MediaWiki/75871


[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki

2010-11-01 Thread bugzilla-daemon
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340

david.pa...@commercebank.com changed:

   What|Removed |Added

 Status|RESOLVED|REOPENED
 Resolution|FIXED   |

--- Comment #6 from david.pa...@commercebank.com 2010-11-01 15:00:04 UTC ---
We've found the same vulnerability in the 'default' input field on the ask
screen. To Replicate:

Go to:
http://semantic-mediawiki.org/wiki/Special:Ask

and enter:

'>alert("CSS Vulnerability");

in the mainlabel, intro, outro, or default input fields. They all allow the
script to execute when the results are returned.

Dave
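
The bug class in this thread, as an added illustration (this is not Semantic MediaWiki's code): form values are copied back into the result page without HTML encoding, so a value that closes the surrounding attribute can inject markup. The two renderers below model the four reflected fields named in comment #6 (mainlabel, intro, outro, default) as a small HTML string; the field names are from the thread, the page layout and function names are assumptions. The payload is constructed from the string quoted in the thread, whose <script> tags the list archive does not show, so their presence is an assumption. `reflected_fields_leaking` is the regression check: it injects the payload into each field in turn and reports which ones let a raw script tag through.

```python
"""Reflected XSS in echoed form fields: vulnerable renderer, hardened
renderer, and a regression check. Added example, not SMW's own code.

Assumptions (not from the bug thread): the Special:Ask result page is
modelled as a small HTML string; the field names come from comment #6.
"""
import html
import re

# The four fields comment #6 reports as reflected into the result page.
REFLECTED_FIELDS = ("mainlabel", "intro", "outro", "default")

# Constructed test input. The thread quotes only the inner call; the
# <script> tags and the leading '> attribute break-out are assumed here.
PAYLOAD = "'><script>alert(\"CSS Vulnerability\");</script>"


def render_unsafe(params):
    """Vulnerable: values are interpolated into attribute and element
    context without encoding. The leading '> of PAYLOAD closes the
    value='...' attribute and the <input> tag, so the <script> element
    ends up in document context."""
    return (
        '<form action="Special:Ask">'
        f"<input name=\"mainlabel\" value='{params.get('mainlabel', '')}'>"
        f"<input name=\"default\" value='{params.get('default', '')}'>"
        "</form>"
        f'<p class="smwintro">{params.get("intro", "")}</p>'
        '<table class="smwtable"><tr><th>results</th></tr></table>'
        f'<p class="smwoutro">{params.get("outro", "")}</p>'
    )


def esc(value):
    """Encode for HTML text nodes and quoted attribute values. quote=True
    also encodes ' and ", so the value cannot terminate either quoting
    style of an attribute."""
    return html.escape(value, quote=True)


def render_safe(params):
    """Hardened: every reflected value passes through esc() before it is
    placed in the page, in attribute context and element context alike."""
    return (
        '<form action="Special:Ask">'
        f"<input name=\"mainlabel\" value='{esc(params.get('mainlabel', ''))}'>"
        f"<input name=\"default\" value='{esc(params.get('default', ''))}'>"
        "</form>"
        f'<p class="smwintro">{esc(params.get("intro", ""))}</p>'
        '<table class="smwtable"><tr><th>results</th></tr></table>'
        f'<p class="smwoutro">{esc(params.get("outro", ""))}</p>'
    )


_SCRIPT_START = re.compile(r"<script\b", re.IGNORECASE)


def leaks_script(page):
    """True if an unencoded <script> start tag survives in the rendered page."""
    return bool(_SCRIPT_START.search(page))


def reflected_fields_leaking(render, payload=PAYLOAD):
    """Inject the payload into each reflected field on its own and return
    the list of fields through which a raw <script> tag reaches the page.
    An empty list means the renderer is safe against this payload."""
    leaking = []
    for field in REFLECTED_FIELDS:
        if leaks_script(render({field: payload})):
            leaking.append(field)
    return leaking


if __name__ == "__main__":
    print("unsafe renderer leaks via:", reflected_fields_leaking(render_unsafe))
    print("safe renderer leaks via:  ", reflected_fields_leaking(render_safe))
```

The check deliberately tests one field at a time, which is how the reporter found that the fix for the query box had not covered `default`; a renderer that escapes some fields but not others shows up as a non-empty list naming exactly the missed ones.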


[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki

2010-09-30 Thread bugzilla-daemon
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340

Jeroen De Dauw  changed:

   What|Removed |Added

 Status|REOPENED|RESOLVED
 Resolution||FIXED

--- Comment #5 from Jeroen De Dauw  2010-09-30 22:02:37 UTC ---
(In reply to comment #3)
> I'm using 1.5.0 as is the semantic-mediawiki.org site. I just reproduced it at
> the semantic-mediawiki site by going to
> http://semantic-mediawiki.org/wiki/Special:Ask and putting the script code in
> the query window. When I submitted the form, the response page displayed the
> alert window in both Firefox and IE 6.
> 
> Is there a later version of 1.5 that has this fixed?

Oops - I meant that it was fixed in 1.5.1, not 1.5.

You can confirm by trying out
1.5.1: http://en.openei.org/wiki/Special:Ask
1.5.2: http://smw.referata.com/wiki/Special:Ask


[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki

2010-09-30 Thread bugzilla-daemon
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340

p858snake  changed:

   What|Removed |Added

 Status|RESOLVED|REOPENED
 CC||p858sn...@gmail.com
 Resolution|FIXED   |

--- Comment #4 from p858snake  2010-09-30 15:02:27 UTC ---
(In reply to comment #3)
> I'm using 1.5.0 as is the semantic-mediawiki.org site. I just reproduced it at
> the semantic-mediawiki site by going to
> http://semantic-mediawiki.org/wiki/Special:Ask and putting the script code in
> the query window. When I submitted the form, the response page displayed the
> alert window in both Firefox and IE 6.
> 
> Is there a later version of 1.5 that has this fixed?
Can confirm.


[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki

2010-09-30 Thread bugzilla-daemon
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340

--- Comment #3 from david.pa...@commercebank.com 2010-09-30 14:53:43 UTC ---
I'm using 1.5.0 as is the semantic-mediawiki.org site. I just reproduced it at
the semantic-mediawiki site by going to
http://semantic-mediawiki.org/wiki/Special:Ask and putting the script code in
the query window. When I submitted the form, the response page displayed the
alert window in both Firefox and IE 6.

Is there a later version of 1.5 that has this fixed?


[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki

2010-09-29 Thread bugzilla-daemon
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340

Jeroen De Dauw  changed:

   What|Removed |Added

 Status|ASSIGNED|RESOLVED
 Resolution||FIXED

--- Comment #2 from Jeroen De Dauw  2010-09-29 22:44:18 UTC ---
(In reply to comment #0)
> If you enter:
> 
> alert("CSS Vulnerability");
> 
> into the query window and click on the 'Find results' button, it will pop up
> an alert window with the 'CSS Vulnerability' message.
> 
> This works on all versions of MediaWiki and the semantic extensions I have
> tried.
> Works in both Firefox and IE.

It looks like this vulnerability has already been fixed. I can not reproduce it
using the latest SMW. I'm not sure, but suspect I fixed it in 1.5. What version
are you using?


[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki

2010-09-29 Thread bugzilla-daemon
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340

Jeroen De Dauw  changed:

   What|Removed |Added

   Priority|Normal  |High
 Status|NEW |ASSIGNED
 CC||jeroen_ded...@yahoo.com, mar...@semantic-mediawiki.org
 AssignedTo|mar...@semantic-mediawiki.org |jeroen_ded...@yahoo.com
   Severity|normal  |major

--- Comment #1 from Jeroen De Dauw  2010-09-29 21:16:31 UTC ---
(In reply to comment #0)
> If you enter:
> 
> alert("CSS Vulnerability");
> 
> into the query window and click on the 'Find results' button, it will pop up
> an alert window with the 'CSS Vulnerability' message.
> 
> This works on all versions of MediaWiki and the semantic extensions I have
> tried.
> Works in both Firefox and IE.

Thanks for pointing this out. I will be fixing this today, and make a new SMW
release soon afterwards.


[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki

2010-09-27 Thread bugzilla-daemon
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340

MZMcBride  changed:

   What|Removed |Added

 CC||b...@mzmcbride.com
 Summary|Cross Site Scripting Vulnerability|Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
