The resource from the request is displayed in FileService's error HTML, such as the 404 page. Since the resource isn't escaped, it allows a possible XSS attack if you can get someone to click a malicious link. I found out about this from someone testing with nikto, and it seems to be the "Error Page Example" issue described here: https://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29.
To fix it, I think all that would need to be done is to HTML-escape the resource.
I'm using an old version of pion (3.0.5), but it didn't look like it has been fixed from a quick look at the latest version.
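The fix suggested in this report, sketched as an added example that is not pion's FileService code and not part of the original report: an error page built with and without HTML-escaping the requested resource. The function names, the page markup and the sample resource string are assumptions made for illustration.

```cpp
#include <iostream>
#include <string>

// Hypothetical helper (not pion's API): escape the five characters that are
// significant in HTML element text and in quoted attribute values.
std::string html_escape(const std::string& in) {
    std::string out;
    out.reserve(in.size());
    for (char c : in) {
        switch (c) {
            case '&':  out += "&amp;";  break;
            case '<':  out += "&lt;";   break;
            case '>':  out += "&gt;";   break;
            case '"':  out += "&quot;"; break;
            case '\'': out += "&#39;";  break;
            default:   out += c;        break;
        }
    }
    return out;
}

// Before: the requested resource is copied into the error page verbatim,
// so any markup it carries becomes part of the document.
std::string not_found_page_unescaped(const std::string& resource) {
    return "<html><head><title>404 Not Found</title></head><body>"
           "<h1>Not Found</h1><p>The requested URL " + resource +
           " was not found on this server.</p></body></html>";
}

// After: the same page, with the resource escaped before it is embedded,
// so the browser renders it as text.
std::string not_found_page(const std::string& resource) {
    return "<html><head><title>404 Not Found</title></head><body>"
           "<h1>Not Found</h1><p>The requested URL " + html_escape(resource) +
           " was not found on this server.</p></body></html>";
}

int main() {
    // Constructed sample: a resource string that happens to contain markup.
    const std::string resource = "/missing<b>bold</b>&\"q\"";
    std::cout << not_found_page_unescaped(resource) << "\n\n"
              << not_found_page(resource) << "\n";
    return 0;
}
```

This escaping is correct for element text and quoted attribute values; a value placed inside a script block or a URL needs the encoding for that context instead.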