[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340 Jeroen De Dauw changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340 Jeroen De Dauw changed: What|Removed |Added Status|REOPENED|NEW --- Comment #7 from Jeroen De Dauw 2010-11-02 20:04:04 UTC --- Thanks for reporting this. The issue should be fixed after this commit: https://secure.wikimedia.org/wikipedia/mediawiki/wiki/Special:Code/MediaWiki/75871 -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340
david.pa...@commercebank.com changed:
What|Removed |Added
Status|RESOLVED|REOPENED
Resolution|FIXED |
--- Comment #6 from david.pa...@commercebank.com 2010-11-01 15:00:04 UTC ---
We've found the same vulnerability in the 'default' input field on the ask
screen. To Replicate:
Go to:
http://semantic-mediawiki.org/wiki/Special:Ask
and enter:
'>alert("CSS Vulnerability");
in the mainlabel, intro, outro, or default input fields. They all allow the
script to execute when the results are returned.
Dave
--
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.
___
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340 Jeroen De Dauw changed: What|Removed |Added Status|REOPENED|RESOLVED Resolution||FIXED --- Comment #5 from Jeroen De Dauw 2010-09-30 22:02:37 UTC --- (In reply to comment #3) > I'm using 1.5.0 as is the semantic-mediawiki.org site. I just reproduced it at > the semantic-mediawiki site by going to > http://semantic-mediawiki.org/wiki/Special:Ask and putting the script code in > the query window. When I submitted the form, the response page displayed the > alert window in both Firefox and IE 6. > > Is there a later version of 1.5 that has this fixed? Oops - I meant that it was fixed in 1.5.1, not 1.5. You can confirm by trying out 1.5.1: http://en.openei.org/wiki/Special:Ask 1.5.2: http://smw.referata.com/wiki/Special:Ask -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340 p858snake changed: What|Removed |Added Status|RESOLVED|REOPENED CC||p858sn...@gmail.com Resolution|FIXED | --- Comment #4 from p858snake 2010-09-30 15:02:27 UTC --- (In reply to comment #3) > I'm using 1.5.0 as is the semantic-mediawiki.org site. I just reproduced it at > the semantic-mediawiki site by going to > http://semantic-mediawiki.org/wiki/Special:Ask and putting the script code in > the query window. When I submitted the form, the response page displayed the > alert window in both Firefox and IE 6. > > Is there a later version of 1.5 that has this fixed? Can confirm. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340 --- Comment #3 from david.pa...@commercebank.com 2010-09-30 14:53:43 UTC --- I'm using 1.5.0 as is the semantic-mediawiki.org site. I just reproduced it at the semantic-mediawiki site by going to http://semantic-mediawiki.org/wiki/Special:Ask and putting the script code in the query window. When I submitted the form, the response page displayed the alert window in both Firefox and IE 6. Is there a later version of 1.5 that has this fixed? -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340
Jeroen De Dauw changed:
What|Removed |Added
Status|ASSIGNED|RESOLVED
Resolution||FIXED
--- Comment #2 from Jeroen De Dauw 2010-09-29
22:44:18 UTC ---
(In reply to comment #0)
> If you enter:
>
> alert("CSS Vulnerability");
>
> into the query window and click on the 'Find results' button, it will pop up
> an
> alert window the the 'CSS Vulnerability' message.
>
> This works on all versions of Media wiki and the semantic extensions I have
> tried.
> Works in both Firefox and IE.
It looks like this vulnerability has already been fixed. I can not reproduce it
using the latest SMW. I'm not sure, but suspect I fixed it in 1.5. What version
are you using?
--
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.
___
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340
Jeroen De Dauw changed:
What|Removed |Added
Priority|Normal |High
Status|NEW |ASSIGNED
CC||jeroen_ded...@yahoo.com,
||mar...@semantic-mediawiki.o
||rg
AssignedTo|mar...@semantic-mediawiki.o |jeroen_ded...@yahoo.com
|rg |
Severity|normal |major
--- Comment #1 from Jeroen De Dauw 2010-09-29
21:16:31 UTC ---
(In reply to comment #0)
> If you enter:
>
> alert("CSS Vulnerability");
>
> into the query window and click on the 'Find results' button, it will pop up
> an
> alert window the the 'CSS Vulnerability' message.
>
> This works on all versions of Media wiki and the semantic extensions I have
> tried.
> Works in both Firefox and IE.
Thanks for pointing this out. I will be fixing this today, and make a new SMW
release soon afterwards.
--
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.
___
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 25340] Cross-site scripting (XSS) vulnerability in Semantic MediaWiki
https://bugzilla.wikimedia.org/show_bug.cgi?id=25340 MZMcBride changed: What|Removed |Added CC||b...@mzmcbride.com Summary|Cross Site Scripting|Cross-site scripting (XSS) |Vulnerability |vulnerability in Semantic ||MediaWiki -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
