Opened 12 years ago

Closed 11 years ago

#5336 closed defect (fixed)

mythweb vulnerable to XSS

Reported by: laga+mythtv@… Owned by: Rob Smith
Priority: critical Milestone: unknown
Component: mythweb Version: unknown
Severity: high Keywords:
Cc: Ticket locked: no

Description

Hi,

this bug was forwarded from https://bugs.launchpad.net/ubuntu/+source/mythtv/+bug/214766

The search box in MythWeb doesn't sanitize input data properly. As pointed out by jba6511, it's possible to inject code, e.g. <script>alert(document.cookie);</script>

Change History (3)

comment:1 Changed 11 years ago by Rob Smith

Component: mythtvmythweb
Owner: changed from Isaac Richards to Rob Smith
Priority: minorcritical
Severity: mediumhigh
Status: newaccepted

comment:2 Changed 11 years ago by anonymous

Oops, wrong URL to launchpad. Here's a better one: https://bugs.launchpad.net/ubuntu/+source/mythplugins/+bug/220088

thanks stuarta :)

comment:3 Changed 11 years ago by Rob Smith

Resolution: fixed
Status: acceptedclosed

(In [17549]) Fixes #5336, this escapes the search results output to prevent XSS

Note: See TracTickets for help on using tickets.