View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update
0001454 | PacketFence | security | public | 2012-05-28 21:39 | 2012-06-14 12:16

Reporter | obilodeau
Assigned To | obilodeau
Priority | high
Severity | major
Reproducibility | always
Status | closed
Resolution | fixed
Product Version | 3.0.0
Target Version | 3.4.0
Fixed in Version | 3.4.0
Summary | 0001454: Reflected XSS in guest management
Description | To reproduce, browse to: https://webadmin:1443/guests/manage?columns="%3E%3Cscript%3Ealert%28%27XSS%20and%20thank%20you%20for%20your%20admin%20cookies%3A%20%27%20%2b%20document.cookie%29%3B%3C%2fscript%3E
Tags | No tags attached.
fixed in git revision | 3ae90433f6308b45b0990dc8aaa3a860617cf42a
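Added example (Python, not PacketFence code) modelling the hidden input from this report: the raw interpolation of the `columns` request parameter into the `value` attribute beside the escaped form the fix produces (the escaping mirrors what Template Toolkit's `| html` filter does), plus an allowlist check and a single-tag assertion as defence in depth. The `ALLOWED_COLUMNS` set, the function names and the extra validation are assumptions, not part of the patch.

```python
from typing import Optional
from urllib.parse import parse_qs, urlsplit

# Reproduction URL quoted in the report's Description (kept verbatim as the sample input).
REPORT_URL = ("https://webadmin:1443/guests/manage?columns=\"%3E%3Cscript%3Ealert%28%27XSS%20and"
              "%20thank%20you%20for%20your%20admin%20cookies%3A%20%27%20%2b%20document.cookie%29"
              "%3B%3C%2fscript%3E")
DEFAULT_COLUMNS = "c_username,c_password"      # template default visible in the hunk
ALLOWED_COLUMNS = {"c_username", "c_password"}  # assumed: only the c_* names visible in the hunk

def columns_from_url(url: str) -> Optional[str]:
    """Raw `columns` query parameter, percent-decoded as the web server would deliver it."""
    values = parse_qs(urlsplit(url).query, keep_blank_values=True).get("columns")
    return values[0] if values else None

def tt_html_filter(value: str) -> str:
    """Same escaping Template Toolkit's `| html` filter applies: & < > and the double quote."""
    return (value.replace("&", "&amp;").replace("<", "&lt;")
                 .replace(">", "&gt;").replace('"', "&quot;"))

def render_hidden_input_vulnerable(columns: Optional[str]) -> str:
    """Before the fix: the request value is interpolated raw into a double-quoted attribute."""
    value = columns if columns else DEFAULT_COLUMNS
    return f'<input type="hidden" name="columns" id="columns_order" value="{value}">'

def render_hidden_input_fixed(columns: Optional[str]) -> str:
    """After the fix: attribute-context escaping; a no-op for the default value."""
    value = tt_html_filter(columns) if columns else DEFAULT_COLUMNS
    return f'<input type="hidden" name="columns" id="columns_order" value="{value}">'

def validate_columns(columns: Optional[str]) -> str:
    """Defence in depth (not in the patch): accept only a list of known c_* names, else the default."""
    if not columns:
        return DEFAULT_COLUMNS
    names = columns.split(",")
    if all(n in ALLOWED_COLUMNS for n in names) and len(set(names)) == len(names):
        return columns
    return DEFAULT_COLUMNS

def is_single_tag(rendered: str) -> bool:
    """Regression check: a correctly escaped hidden input contains exactly one '<' and one '>'."""
    return rendered.count("<") == 1 and rendered.count(">") == 1
```

The `is_single_tag` check is the kind of assertion a template regression test can make against the rendered page for any `columns` value that contains a double quote.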
Notes

(0002735) obilodeau (reporter) 2012-05-28 21:49
This naive fix seems to have effects on the JavaScript or something because the tab doesn't load by default anymore. Experienced on Firefox.

diff --git a/html/captive-portal/templates/guest/register_guest.html b/html/captive-portal/templates/guest/register_guest.html index 0f57f9d..4e85847 100644 --- a/html/captive-portal/templates/guest/register_guest.html +++ b/html/captive-portal/templates/guest/register_guest.html @@ -136,7 +136,7 @@ var initialTabName = "single"; </div> <div class="input"> <span>[% i18n("Columns Order") %]*</span> - <input type="hidden" name="columns"id="columns_order" value="[% IF columns %][% columns %][% ELSE %]c_username,c_password[% END %]"> + <input type="hidden" name="columns" id="columns_order" value="[% IF columns %][% columns | html %][% ELSE %]c_username,c_password[% END %]"> <div class="note" id="columns"> <div class="column"><input type="checkbox" name="c_username" checked disabled><span>[% i18n("Username") %]</span><span class="order"><img src="/content/images/arrow_up_12x12.png">< <div class="column"><input type="checkbox" name="c_password" checked disabled><span>[% i18n("Password") %]</span><span class="order"><img src="/content/images/arrow_up_12x12.png">< 
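Review bot: `[% columns | html %]` is the right escaping for a double-quoted attribute value (Template Toolkit's `html` filter turns `&`, `<`, `>` and `"` into entities), but the hunk applies it to only this one interpolation; confirm that `columns` is not emitted unescaped anywhere else in register_guest.html, in particular in the script region that the hunk's `var initialTabName = "single";` context line belongs to, since a JavaScript string context needs JS escaping rather than the `html` filter. On the regression described in this note: the filter is a no-op for the default `c_username,c_password` value, so it cannot by itself change how the page loads for a benign request; the only other change on the line is the space inserted between `name="columns"` and `id="columns_order"`, which is the first thing to rule out. A template test that requests the page with a `columns` value containing a double quote and asserts the response still contains a single `<input ... id="columns_order" ...>` tag would pin the fix in place.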
(0002774) obilodeau (reporter) 2012-06-14 12:16
fix released in 3.4.0 yesterday

(0002781) obilodeau (reporter) 2012-06-14 12:16
security problem now public
Issue History

Date Modified | Username | Field | Change
2012-05-28 21:39 | obilodeau | New Issue |
2012-05-28 21:49 | obilodeau | Note Added: 0002735 |
2012-05-29 09:37 | obilodeau | git revision | => 3ae90433f6308b45b0990dc8aaa3a860617cf42a
2012-05-29 09:37 | obilodeau | Status | new => resolved
2012-05-29 09:37 | obilodeau | Fixed in Version | => +1
2012-05-29 09:37 | obilodeau | Resolution | open => fixed
2012-05-29 09:37 | obilodeau | Assigned To | => obilodeau
2012-06-14 12:15 | obilodeau | Target Version | => 3.4.0
2012-06-14 12:15 | obilodeau | Fixed in Version | +1 => 3.4.0
2012-06-14 12:16 | obilodeau | Note Added: 0002774 |
2012-06-14 12:16 | obilodeau | Status | resolved => closed
2012-06-14 12:16 | obilodeau | Note Added: 0002781 |
2012-06-14 12:16 | obilodeau | View Status | private => public