Join GitHub today
Fixed XSS issue #26
Response data from commands is not escaped before printing, leading to a potential XSS attack on all sites hosting the looking glass.
This can potentially even lead to viable attacks across subdomains via session fixation. (User is tricked into going to this url, either in a hidden iframe/etc. Cookies are overwritten with attacker controlled cookies, and user logs in while still using attacker controlled cookies)
A proof of concept can be viewed by going to the URL in the looking glass:
The reverse DNS record for that domain contains html which inserts an image into the page.