#755 Magazine directory XSS vulnerability OBB-555717

Milestone: v1.0 (example)
Status: closed-fixed
Labels: None
Priority: 5
Updated: 2020-11-20
Created: 2020-09-14
Private: No

Following fixes https://www.openbugbounty.org/reports/555717/

Index: sources/biblio/directory.py
===================================================================
--- sources/biblio/directory.py (Revision 551)
+++ sources/biblio/directory.py (Arbeitskopie)
@@ -13,6 +13,7 @@
 import sys
 import os
 import string
+from cgi import escape
 from SQLparsing import *
 from biblio import *

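Review bot: `cgi.escape` (the added `+from cgi import escape`) is deprecated since Python 3.2 and was removed in Python 3.8, and with its default `quote=False` it does not escape double quotes, so it is only adequate where the value lands in element text, which is the case for the two call sites in this patch, but not inside an attribute value. If the code base is still Python 2 this works for now; otherwise use `from html import escape` (Python 3), which escapes quotes by default, or call `escape(value, True)` wherever a value could end up in an attribute.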
@@ -76,7 +77,7 @@

         try:
                 section = unescapeLink(sys.argv[2])
-               title = "%s Directory: %s" % (dir_type.title(), section.title())
+               title = "%s Directory: %s" % (dir_type.title(), escape(section.title()))
        except:
                section = ''
                title = "%s Directory" % (dir_type.title())
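Review bot: `dir_type.title()` is still interpolated unescaped, both on the changed line and in the fallback `title = "%s Directory" % (dir_type.title())`; if `dir_type` is derived from the request rather than chosen from a fixed internal set, it needs the same `escape()` treatment as `section`. The bare `except:` also hides which failure sends the code down the fallback path; catching `IndexError` (missing `sys.argv[2]`) would keep unrelated errors visible instead of silently producing the generic title.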
@@ -163,7 +164,7 @@
                         if count:
                                 print """<h3>Note: Matching magazines whose series titles do not match the
                                 entered value have asterisks next to their titles.<p>
-                                Number of %s names starting with "%s": %d </h3>""" % (dir_type, section, count)
+                                Number of %s names starting with "%s": %d </h3>""" % (dir_type, escape(section), count)
                                 PrintMagazineTableColumns()
                                 bgcolor = 1
                                 for title in sorted(results.keys(), key=lambda x: x.lower()):
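Review bot: only `section` is escaped in this format string; `dir_type` in `Number of %s names starting with "%s"` still goes in raw, so whatever is decided for `dir_type` in the `title` hunk should be applied here too. Escaping at each print site also means every other place in this file that interpolates `section` into HTML needs its own `escape()` call; it would be worth grepping for the remaining uses, or escaping once into a dedicated display variable right after `unescapeLink(sys.argv[2])`, so a future output site cannot forget it.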

Discussion

  • Ahasuerus - 2020-11-20
    • summary: isfdb.org Cross Site Scripting vulnerability | OBB-555717 --> Magazine directory XSS vulnerability OBB-555717
    • assigned_to: Ahasuerus

  • Ahasuerus - 2020-11-20
    • status: open --> closed-fixed

  • Ahasuerus - 2020-11-20

    Fixed in biblio/directory.py, installed in SVN 576 on 2020-11-20. Closing the Bug.
