FS#5202 - XSS
Attached to Project:
AUR web interface
Opened by trix (trix) - Thursday, 10 August 2006, 16:44 GMT
Last edited by Simo Leone (neotuli) - Wednesday, 20 February 2008, 11:53 GMT
Opened by trix (trix) - Thursday, 10 August 2006, 16:44 GMT
Last edited by Simo Leone (neotuli) - Wednesday, 20 February 2008, 11:53 GMT
|
Details
injecting this into the post variables has an xss flaw
username=<script>eval(String.fromCharCode(97,108,101,114,116,40,39,120,115,115,39,41,59));</script>&password= |
This task depends upon
Closed by Simo Leone (neotuli)
Wednesday, 20 February 2008, 11:53 GMT
Reason for closing: Fixed
Additional comments about closing: I'm pretty sure this was fixed back in september... lemme know if that's not the case.
Wednesday, 20 February 2008, 11:53 GMT
Reason for closing: Fixed
Additional comments about closing: I'm pretty sure this was fixed back in september... lemme know if that's not the case.
http://bugs.archlinux.org/task/5200
http://aur.archlinux.org/index.php
Advice on the fix: dont echo back exactly what is entered for the username. Use htmlentities($_POST["user"]); or something of that sort
The params have changed so use this in the post string:
user=<script>eval(String.fromCharCode(97,108,101,114,116,40,39,120,115,115,39,41,59));</script>&pass=
Not sure if this bug was fixed in the most recent round of updates to the aur..