PHP :: Sec Bug #68079 :: XSS in Online Documentation Editor

Sec Bug #68079	XSS in Online Documentation Editor
Submitted:	2014-09-22 21:01 UTC	Modified:	2014-09-29 16:29 UTC
From:	leight+bugs at gmail dot com	Assigned:	yannick (profile)
Status:	Closed	Package:	Online Doc Editor problem
PHP Version:	Irrelevant	OS:	-
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	leight+bugs at gmail dot com
New email:
PHP Version:		OS:

New Comment:

[2014-09-22 21:01 UTC] leight+bugs at gmail dot com

Description:
------------
There is an XSS possibility when using Google Account login and possibly other types of login.

For Google Accounts specifically, setting the "nickname" to the following:


"; alert("hi");</script>


Results in the script being executed on the main login page - I have not tried logging in proper, as I did not want to risk injecting a script into all online users browsers.

I think an input sanitising review may be needed across the entire editor.

Test script:
---------------
"; alert("hi");</script>

Expected result:
----------------
No alert

Actual result:
--------------
hi

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2014-09-23 16:20 UTC] tyrael@php.net

-Assigned To: +Assigned To: yannick

[2014-09-29 16:29 UTC] bjori@php.net

-Status: Assigned +Status: Closed

[2014-09-29 16:29 UTC] bjori@php.net

http://git.php.net/?p=web/doc-editor.git;a=commit;h=b2eebbf925ae7d22842c4a182131d183b1a63771

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Thu Jul 03 21:01:34 2025 UTC