
Possible XSS Security flaw with lines that begin with white space.
Reported by VirtualFunction | June 26th, 2008 @ 11:26 PM | in 4.0
It appears that lines that start with white space do not get treated correctly by the scanner and thus get ignored by the scanner.
While this is probably not a major issue, it does mean that lines that have white space don't get formatted. In the case of a public site, such as a Wiki, this poses to be a potential security flaw as dangerous tags such as
The attached file contains an example.
Comments and changes to this ticket
-
VirtualFunction June 26th, 2008 @ 11:31 PM
Oh and this attachment has results, not that you need them as the current master branch will yield the same results as attached.
-
Jason Garber June 27th, 2008 @ 01:36 PM
- State changed from new to open
- Tag set to filter_html, sanitize_html
Oops. I deleted the attachment by mistake. I remember it though.
Working on a fix...
-
Jason Garber July 7th, 2008 @ 03:03 PM
- State changed from open to resolved
I believe I have fixed this in a series of commits 12cf8eb..1d06a6c. Actually, I was handling lines beginning with white space wrongly anyway. But I have fixed the XSS flaw in all the other structures as well.
RedCloth is a Ruby library for converting Textile into HTML