
mahara-contributors team mailing list archive

[Bug 1009774] Re: Links & resources urls are unsanitised


** This bug has been flagged as a security vulnerability

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/1009774

Title:
  Links & resources urls are unsanitised

Status in Mahara ePortfolio:
  Fix Released

Bug description:
  Discovered by Emanuel Bronshtein. Present in all versions, requires an
  admin account.

   Configure site -> Menus -> Add External Link:
   http://localhost/mahara-1.5.1/mahara-1.5.1/htdocs/admin/site/menu.php
   Add new Link:
   Name: XSS
   Linked to: javascript:alert(location)
   click "Add".
   ...
   fix: Allow only whitelisted protocols (http,https,mailto).

  
  The sanitize_url function should be used for this.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1009774/+subscriptions
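The fix the report calls for, accepting only an allowlist of URL schemes for external menu links, as an added illustrative example; this is not Mahara's own sanitize_url, and the function names allowlisted_url and filter_menu_links plus the sample submissions are constructed for this demonstration.

```python
import re
from typing import Optional

# Schemes the bug's suggested fix permits for external menu links.
ALLOWED_SCHEMES = frozenset({"http", "https", "mailto"})

# RFC 3986 scheme syntax: ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ) then ":".
_SCHEME_RE = re.compile(r"^([A-Za-z][A-Za-z0-9+.\-]*):")

# ASCII control characters: browsers drop them when resolving a URL, so a
# stored "java<TAB>script:" link would still run; strip them before looking
# at the scheme so they cannot be used to slip past the check.
_CONTROL_RE = re.compile(r"[\x00-\x1f\x7f]")


def allowlisted_url(raw: str) -> Optional[str]:
    """Return the URL with a lower-cased scheme, or None if it is rejected."""
    # Only absolute URLs with an allowed scheme pass; javascript:, data:,
    # vbscript: and scheme-less strings are refused rather than "cleaned".
    if not isinstance(raw, str):
        return None
    cleaned = _CONTROL_RE.sub("", raw).strip()
    match = _SCHEME_RE.match(cleaned)
    if match is None:
        return None  # relative path, bare host name or empty string
    scheme = match.group(1).lower()
    if scheme not in ALLOWED_SCHEMES:
        return None
    return scheme + cleaned[match.end() - 1:]  # canonical scheme, rest as-is


def filter_menu_links(links):
    """Keep only (name, url) submissions whose URL passes allowlisted_url."""
    kept = []
    for name, raw in links:
        url = allowlisted_url(raw)
        if url is not None:
            kept.append((name, url))
    return kept


if __name__ == "__main__":
    # Constructed sample submissions, including the one from the bug report.
    SAMPLE = [
        ("Home", "https://example.org/"),
        ("XSS", "javascript:alert(location)"),
        ("Tab inside", "java\tscript:alert(1)"),
        ("Contact", "MAILTO:admin@example.org"),
    ]
    for name, url in filter_menu_links(SAMPLE):
        print(f"kept: {name} -> {url}")
```

Rejecting rather than rewriting the value means the admin form can report the invalid link back to the user instead of silently storing something different.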