
<code> comes through unfiltered
Reported by Heiko Webers | October 8th, 2008 @ 05:46 AM
RedCloth.new('<code onmouseover="bad_code_goes_here">hi</code>', [:filter_html]).to_html
renders
"<p><code onmouseover=\"bad_code_goes_here\">hi</code></p>"
This is a security problem
Comments and changes to this ticket
Alexander E. Fischer April 1st, 2015 @ 04:50 PM
Trying the code sample validates that the HTML is not defused. If I see this correctly, then this security bug allowing XSS attacks has existed for about 7 years and hasn't gotten any attention.
RedCloth is a Ruby library for converting Textile into HTML