WassUp Forums

• Forums
• WassUp

1. 

   umutweb
   Member

   Hi.

   Using special characters like < and > in searchbox it is possible to write a sciprt which runs in admin page, that may cause a securtiy bug.

   How to produce this bug:

   A user, seaches the blog. He enters a search keyword such as <script>alert("Hello");</script>

   So the full path is:
   http://yoursite/?s=<script>alert("Hello")%3B<%2Fscript>

   It causes Wassup to show:
   http://img180.imagevenue.com/img.php?image=67416_Capture_122_811lo.JPG

   We need htmlspecialchars. Writing JS to admin page is possible for now :(

   Posted 2 years ago #
2. 

   Michele
   Key Master

   Thank you very much you are right, to solve it, please try to comment the line 505 in lib/main.php:

   //input = trim(stripslashes(rawurldecode(html_entity_decode($input)))," +\t");

   I will release a new version ASAP to fix this problem

   Michele - WassUp Project

   Posted 2 years ago #
3. 

   helene
   Moderator

   Michele,

   A strip_tags() around the code on line 505 should fix the problem.

   -Helene.

   -Helene D.
   http://techfromhel.webege.com

   Posted 2 years ago #

RSS feed for this topic

Reply

You must log in to post.