FS#5202 - XSS

Attached to Project: AUR web interface
Opened by trix (trix) - Thursday, 10 August 2006, 16:44 GMT
Last edited by Simo Leone (neotuli) - Wednesday, 20 February 2008, 11:53 GMT
Task Type Bug Report
Category Web Sites
Status Closed
Assigned To Paul Mattal (paul)
Simo Leone (neotuli)
eliott (cactus)
Architecture All
Severity Medium
Priority Normal
Reported Version 0.7.2 Gimmick
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

injecting this into the post variables has an xss flaw

username=<script>eval(String.fromCharCode(97,108,101,114,116,40,39,120,115,115,39,41,59));</script>&password=
This task depends upon

Closed by  Simo Leone (neotuli)
Wednesday, 20 February 2008, 11:53 GMT
Reason for closing:  Fixed
Additional comments about closing:  I'm pretty sure this was fixed back in september... lemme know if that's not the case.
Comment by Roman Kyrylych (Romashka) - Monday, 14 August 2006, 13:03 GMT
Duplicate?
http://bugs.archlinux.org/task/5200
Comment by trix (trix) - Monday, 14 August 2006, 13:25 GMT
nope this is a separate bug. This is for one of the login pages.
Comment by Roman Kyrylych (Romashka) - Thursday, 09 November 2006, 00:25 GMT
Judd, status?
Comment by eliott (cactus) - Monday, 28 May 2007, 00:36 GMT
Is this still an issue, after the flyspray upgrade?
Comment by trix (trix) - Monday, 28 May 2007, 05:01 GMT
It occurs on this page:

http://aur.archlinux.org/index.php

Advice on the fix: dont echo back exactly what is entered for the username. Use htmlentities($_POST["user"]); or something of that sort

The params have changed so use this in the post string:
user=<script>eval(String.fromCharCode(97,108,101,114,116,40,39,120,115,115,39,41,59));</script>&pass=
Comment by eliott (cactus) - Saturday, 15 September 2007, 05:19 GMT
Assigning to Paul as well...
Not sure if this bug was fixed in the most recent round of updates to the aur..

Loading...