[ltb-dev] [LDAP Tool Box - Bug #602] (New) Poor XSS validation

noreply at lsc-project.org noreply at lsc-project.org
Tue Jul 23 01:23:18 CEST 2013

Issue #602 has been reported by John Menerick.

Bug #602: Poor XSS validation

Author: John Menerick
Status: New
Priority: Urgent
Assigned to: 
Category: Self Service Password
Target version: 

change.php: Line 215, resetbyquestions.php: Line 204, resetbytoken.php: Line 237, sendsms.php: Line 234 / 247 / 248 / 266, sendtoken.php: Line 210, and setquestions: Line 195 all involve a type of validation / sanitization which is not enough to prevent malicious requests from reaching the user's browser.  Htmlentities will prevent some but not all XSS attacks.  It really depends on the execution context.  Relying on the htmlentities encoding function is equivalent to using a very weak blacklist.   See http://wiremask.eu/?p=tutorials&id=10 for additional information on how one may bypass htmlentities.

You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ltb-project.org/pipermail/ltb-dev/attachments/20130723/b8e1ae53/attachment.htm>

More information about the ltb-dev mailing list