Drafts are vulnerable & contain very limited XSS #1672
linc added five commits that referenced this issue on Mar 15, 2014.
kasperisager added a commit that referenced this issue on Mar 17, 2014. Its merge message lists the commits brought into master:

* Drafts: filter your draft names, closes #1672
* Drafts: verify ownership in editdiscussion for #1672
* Module: don't fatal if not visible
* Core: added check for JS library dependency in atmentions. Currently the atwho library only loads within the Vanilla application.
* Bump version to bust js cache.
* Fix logic problem where embed would only embed on connect pages rather than not embed on connect pages.
* Fire an event for a conversation with a specific type.
* Announce fix: array_merge renumbers numeric keys which reversed options on post form
* Version bump for js.
* PromotedContent: typo in helper_functions
* PromotedContent module: typos
* merge core:stage file into master.
* Getty embed: addtl chars allowed
* Getty image support
* Pass strings through T() for translations
kasperisager added a commit that referenced this issue on Mar 19, 2014.
kasperisager added a commit that referenced this issue on Mar 26, 2014.
kasperisager added a commit that referenced this issue on Mar 26, 2014.
kasperisager added a commit that referenced this issue on Mar 26, 2014.
wilson29thid pushed three commits to 29th/vanilla that referenced this issue on Dec 27, 2014.
wilson29thid pushed a commit to 29th/vanilla that referenced this issue on Dec 27, 2014.
wilson29thid pushed a commit to 29th/vanilla that referenced this issue on Dec 27, 2014.
1 - Vanilla Drafts Insecure Permissions Vulnerability

To view other people's drafts: make a draft on one account and it will make a URL like `/index.php?p=/post/editdiscussion/0/5`, which any member can access.

2 - Drafts XSS (low risk, only triggers on your own draft page)

Set XSS as the title of the discussion, Save as Draft, View Drafts Page.

ALL BRANCHES - backport to 2.0
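As an added example, not Vanilla's own code, here is a stand-alone PHP model of the two fixes named in the commit messages above ("verify ownership in editdiscussion" and "filter your draft names"): the draft store, the function names and the `InsertUserID` field are assumptions made for the illustration.

```php
<?php
// Hypothetical stand-alone model of the two draft fixes (not Vanilla's code).
// Constructed draft store: DraftID => [InsertUserID (owner), Name (title)].
$drafts = [
    5 => ['InsertUserID' => 7, 'Name' => 'My draft <script>alert(1)</script>'],
    6 => ['InsertUserID' => 9, 'Name' => 'Harmless draft'],
];

// Before the fix: /post/editdiscussion/0/5 loads the draft by ID alone,
// so any signed-in member can read draft 5 regardless of who owns it.
function loadDraftVulnerable(array $drafts, int $draftId): ?array
{
    return $drafts[$draftId] ?? null;
}

// After the fix: the draft is returned only when the session user owns it.
// The caller should answer a non-owner with 403/404 and reveal nothing.
function loadDraftChecked(array $drafts, int $draftId, int $sessionUserId): ?array
{
    $draft = $drafts[$draftId] ?? null;
    if ($draft === null || $draft['InsertUserID'] !== $sessionUserId) {
        return null;
    }
    return $draft;
}

// Drafts page: the title is user input, so it is HTML-escaped on output;
// the stored value is left untouched, which keeps editing lossless.
function renderDraftName(string $name): string
{
    return htmlspecialchars($name, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Demonstration on the constructed data above.
var_dump(loadDraftVulnerable($drafts, 5) !== null);          // true: user 9 can read user 7's draft
var_dump(loadDraftChecked($drafts, 5, 9) === null);          // true: non-owner is denied
var_dump(loadDraftChecked($drafts, 5, 7) !== null);          // true: owner still gets the draft
echo renderDraftName($drafts[5]['Name']), "\n";              // markup arrives as inert &lt;script&gt; text
```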