XSS with svg use tag on RC 1.5.3 #9168
Comments
I'm unable to reproduce the issue in Firefox or Chrome. The href attribute is indeed passed as-is to the browser, but it does not execute the javascript code. Tested with 1.5.4, but I don't see anything related in the changelog since 1.5.3. So, maybe I'm doing something wrong. Could you provide a complete test message?

Ok, I was able to reproduce now.

Fixed.

@alecpl Thanks!

This issue got CVE-2023-5631 assigned.
Hello dear developers!
The following sample shows me an XSS. I would be pleased if you could check it on the latest Roundcube version.
Reproduce:
This is the string, encoded to base64, that you see above:
Env
RoundCube version: 1.5.3
Browsers: Google Chrome (Version 117.0.5938.62), Mozilla Firefox (117.0.1 (64-bit))
Thanks!
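The thread's finding is that the `href` on an SVG `<use>` element reached the browser unchanged. The following is an added example of the kind of defensive check a mail-HTML washer can apply to that element; it is not Roundcube's code or its actual fix, and it assumes a simplified sanitizer (the `UseHrefSanitizer` class, `FRAGMENT_REF` pattern and sample markup are all constructed here) that keeps a `<use>` reference only when it is a same-document fragment such as `#icon` and drops anything else, recording what was removed so it can be logged.

```python
import re
from html import escape
from html.parser import HTMLParser

# Same-document fragment references only, e.g. href="#icon-mail".
# Anything else on <use> (absolute URLs, data: URIs, scheme-relative
# paths) is dropped rather than forwarded to the browser.
FRAGMENT_REF = re.compile(r"^#[A-Za-z_][\w.:-]*$")

# Attributes on <use> that can point at another document.
USE_REF_ATTRS = {"href", "xlink:href"}


class UseHrefSanitizer(HTMLParser):
    """Re-emit markup, dropping any <use> reference that is not a local fragment.

    Hypothetical helper for illustration; a real washer also enforces a tag
    and attribute allow-list, which is omitted here to keep the focus on <use>.
    """

    def __init__(self):
        super().__init__(convert_charrefs=False)
        self.out = []
        self.dropped = []  # (attribute, value) pairs removed, for logging/tests

    def _render(self, tag, attrs, self_closing):
        parts = [tag]
        for name, value in attrs:
            lname = name.lower()
            if tag == "use" and lname in USE_REF_ATTRS:
                if value is None or not FRAGMENT_REF.match(value.strip()):
                    self.dropped.append((lname, value))
                    continue
            if value is None:
                parts.append(name)
            else:
                parts.append(f'{name}="{escape(value, quote=True)}"')
        return "<" + " ".join(parts) + (" />" if self_closing else ">")

    def handle_starttag(self, tag, attrs):
        self.out.append(self._render(tag, attrs, False))

    def handle_startendtag(self, tag, attrs):
        self.out.append(self._render(tag, attrs, True))

    def handle_endtag(self, tag):
        self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(data)

    def handle_entityref(self, name):
        self.out.append(f"&{name};")

    def handle_charref(self, name):
        self.out.append(f"&#{name};")

    def handle_comment(self, data):
        pass  # comments carry nothing a mail client needs; drop them


def sanitize_svg_use(markup):
    """Return (sanitized markup, list of dropped (attribute, value) pairs)."""
    parser = UseHrefSanitizer()
    parser.feed(markup)
    parser.close()
    return "".join(parser.out), parser.dropped


# Constructed sample inputs: a benign sprite reference and an external one.
SAFE = '<svg><symbol id="icon"><circle r="4"/></symbol><use href="#icon"/></svg>'
EXTERNAL = '<svg><use href="https://example.invalid/sprite.svg#icon"/></svg>'

if __name__ == "__main__":
    for sample in (SAFE, EXTERNAL):
        cleaned, dropped = sanitize_svg_use(sample)
        print(cleaned, "dropped:", dropped)
```

Running the block keeps the local `#icon` reference intact and strips the external one, returning `[("href", "https://example.invalid/sprite.svg#icon")]` as the dropped list, which is the signal a mail gateway would want to log when a message carries a `<use>` that points outside the document.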