From bugzilla-daemon@pippin.metavore.com Thu Apr 17 20:48:25 2008 From: bugzilla-daemon@pippin.metavore.com To: koha-bugs@lists.koha-community.org Subject: [Koha-bugs] [Bug 2026] New: Comments allow unsanitized input Date: Thu, 17 Apr 2008 11:25:48 -0700 Message-ID: <20080417182548.370D612988026@pippin.metavore.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============5097735921894517973==" --===============5097735921894517973== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit http://bugs.koha.org/cgi-bin/bugzilla/show_bug.cgi?id=2026 Summary: Comments allow unsanitized input Product: Koha Version: HEAD Platform: PC URL: http://atz.dev.kohalibrary.com/cgi-bin/koha/opac- detail.pl?biblionumber=147# OS/Version: All Status: NEW Severity: major Priority: P3 Component: OPAC Comments AssignedTo: chris@bigballofwax.co.nz ReportedBy: joe.atzberger@liblime.com QAContact: koha-bugs@lists.koha.org Comments have totally unsanitized input. Not even the size is checked. We shouldn't be relying on a library aide to strip out CDATA and script links. Try this comment text (or see URL): Test link: google. Test script: . Of course, far more pernicious links and scripts could be injected. Human review is not the answer for this problem, in particular since several patches are in discussion to allow unmoderated comments. ------- You are receiving this mail because: ------- You are the QA contact for the bug, or are watching the QA contact. --===============5097735921894517973==--