
Comments (maybe all other html/text-inputfields) XSS vulnerable

Posted: 28 Jul 2016, 18:33
by ebru
This is a serious threat.
Tested also on the actual demo, which is probably up to date.

Steps to reproduce:
In a comment text field (or maybe all other HTML/text fields, tested with the field "Comment") insert:

Code:

<script type="text/javascript">alert("XSS vulnerable");</script>

Expected result:
I can read
"<script type="text/javascript">alert("XSS vulnerable");</script>"
in the current saved comment

Actual result:
The comment is empty and the piece of JavaScript gets executed in the context of the user's browser.
Even worse, emails sent from Rukovoditel show the same behaviour.

So any user of a Rukovoditel installation can infect all the other users with malicious code.
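
The expected result described above (the markup displayed as text, both in the saved comment and in email) is what output encoding produces. This is an added example, not part of the original post and not Rukovoditel's code; the function names, the CSS class and the email layout are hypothetical.

```php
<?php
// Added example with hypothetical helpers; not taken from Rukovoditel.

// Vulnerable pattern: the stored comment is concatenated into markup as-is,
// so any tags it contains are interpreted by the browser or mail client.
function render_comment_unsafe(string $comment): string
{
    return '<div class="comment">' . $comment . '</div>';
}

// Hardened pattern: encode at output time so markup characters are shown
// as text. nl2br() runs after encoding, so only its own <br /> tags are added.
function render_comment_safe(string $comment): string
{
    $encoded = htmlspecialchars($comment, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<div class="comment">' . nl2br($encoded) . '</div>';
}

// HTML notification emails need the same encoding for every user-supplied
// value, because they are a second output context for the same stored data.
function build_notification_email(string $author, string $comment): string
{
    $safeAuthor = htmlspecialchars($author, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<html><body><p>New comment from ' . $safeAuthor . ':</p>'
        . render_comment_safe($comment)
        . '</body></html>';
}

// Constructed sample input: the test string from the report.
$comment = '<script type="text/javascript">alert("XSS vulnerable");</script>';

$unsafe = render_comment_unsafe($comment);
$safe   = render_comment_safe($comment);
$mail   = build_notification_email('ebru', $comment);

// Regression check: a raw <script tag must not survive in encoded output.
if (stripos($safe, '<script') !== false || stripos($mail, '<script') !== false) {
    throw new RuntimeException('Unencoded script tag reached the output');
}

echo "unsafe: ", $unsafe, PHP_EOL;
echo "safe:   ", $safe, PHP_EOL;
```

Encoding at output rather than stripping tags on input keeps the comment readable exactly as typed, which matches the expected result in the report.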

Re: Comments (maybe all other html/text-inputfields) XSS vulnerable

Posted: 30 Jul 2016, 19:26
by support
Thank you for the report about this issue. Will be fixed in 1.7.2.

Re: Comments (maybe all other html/text-inputfields) XSS vulnerable

Posted: 04 Aug 2016, 17:27
by ebru
Great. Thanks.