XSS Vulnerability on Identity configuration (and on "edit as new" function) #4283
Reported by und3r on 18 Jul 2013 04:47 UTC as Trac ticket #1489251
I've found an XSS vulnerability inside the "identity" configuration page. In the "Sign" textarea, with HTML Sign enabled, I clicked on the "HTML" button in the editor and wrote this HTML code:
Hope this can help,
Comment by und3r on 18 Jul 2013 05:11 UTC
Comment by dennis1993 on 18 Jul 2013 08:49 UTC
It works in my installation, too.
I've tested a little bit. Create a group in your addressbook with this name: <script>alert('test');</script>
But now it's too late :)
Comment by dennis1993 on 18 Jul 2013 09:28 UTC
I installed 0.9.2 for a few minutes and the same code is not executable. That's funny xD
Comment by @thomascube on 18 Jul 2013 15:57 UTC
Is this really XSS when it only affects your very own account? Can you make the scripts be executed by somebody else not using your login?
Nevertheless, we should filter the HTML source of signatures when saving as we can't be sure the receiving end will properly filter it.
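Filtering signature HTML on save, as suggested in the comment above, shown as an added example (not code from the project or from anyone in this thread). The allowlist and the names `filter_signature`, `SignatureFilter` and `url_ok` are assumptions, and Python's standard `html.parser` is used for illustration:

```python
import re
from html import escape
from html.parser import HTMLParser

# Assumed allowlist for a mail signature (tag -> permitted attributes).
ALLOWED = {"a": {"href"}, "img": {"src", "alt"}, "b": set(), "i": set(),
           "u": set(), "em": set(), "strong": set(), "br": set(),
           "p": set(), "div": set(), "span": set()}
VOID = {"br", "img"}
DROP_WITH_CONTENT = {"script", "style", "iframe", "object"}

def url_ok(value):
    # Remove whitespace/control characters browsers ignore inside a scheme.
    cleaned = re.sub(r"[\x00-\x20]+", "", value).lower()
    return cleaned.startswith(("http://", "https://", "mailto:"))

class SignatureFilter(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.skip = [], 0  # skip > 0: inside a dropped element

    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.skip += 1
        elif not self.skip and tag in ALLOWED:
            kept = ""
            for name, value in attrs:
                value = value or ""
                # on* handlers and style are never on the allowlist.
                if name in ALLOWED[tag] and (name == "alt" or url_ok(value)):
                    kept += f' {name}="{escape(value, quote=True)}"'
            self.out.append(f"<{tag}{kept}>")

    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            self.skip = max(0, self.skip - 1)
        elif not self.skip and tag in ALLOWED and tag not in VOID:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data, quote=False))

def filter_signature(html_source):
    """Return the signature reduced to allowlisted markup, for storage."""
    parser = SignatureFilter()
    parser.feed(html_source)
    parser.close()  # flush text buffered by convert_charrefs
    return "".join(parser.out)
```

Plain-text fields such as an address book group name need no markup at all, so they are better HTML-escaped on output than passed through a filter like this.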
Comment by und3r on 18 Jul 2013 22:55 UTC
I've made a test by sending this mail to my account:
See the attachments "edit_as_new_1.jpg" and "edit_as_new_2.jpg" for more details.