XSS security issue - Printable Version
+- UserSpice (https://userspice.com/forums)
+-- Forum: Support Center (https://userspice.com/forums/forumdisplay.php?fid=23)
+--- Forum: UserSpice 4.3 and Below (https://userspice.com/forums/forumdisplay.php?fid=26)
+--- Thread: XSS security issue (/showthread.php?tid=514)
XSS security issue - Caspar Leo - 04-03-2017

Hey, noticed an XSS vulnerability in users/edit_profile.php on line 45:

$newBio = $_POST['bio'];

Should be:

$newBio = Input::get('bio');

Otherwise we got some naked & public scripts in users' bios.

XSS security issue - mudmin - 04-03-2017

Yep! You are right. Thank you for this. I will get this on the todo list. THANK YOU!

XSS security issue - mudmin - 04-16-2017

Actually, I double checked this. The problem with using Input::get there is that it would strip out all your formatting and punctuation. You'll notice that the data is sanitized as it's displayed on profile.php instead...

$usbio = html_entity_decode($thatUser->bio);

The XSS vulnerability should be taken care of by the token check done in the validation on line 41 unless you're seeing something I'm not. I could definitely be missing something here. Let me know what you think.
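The storage-versus-output question the thread raises, shown as an added PHP example that is not UserSpice code: the function names, the constructed sample bio and the tag check are illustrative assumptions, and the example only reproduces the two calls quoted in the posts (raw $_POST storage, html_entity_decode on display) beside an escape-on-output alternative.

```php
<?php
// Added example (not UserSpice's code). Names are illustrative.
// Shows why decoding a stored bio at display time does not neutralise
// markup, and why a CSRF token on the edit form does not address it.

// Constructed sample bio: legitimate punctuation and formatting mixed with
// markup that must never reach a visitor's browser as live HTML.
$sampleBio = "Hi, I'm Sam & I like \"quotes\"!\n<b>bold</b> <script>alert('xss')</script>";

// As described in the thread: the raw POST value is stored unchanged.
function storeBioAsPosted(array $post): string
{
    return $post['bio'] ?? '';
}

// As on profile.php: the stored value is entity-decoded before output.
// html_entity_decode turns &lt; back into <, so even a bio that had been
// entity-encoded at save time is re-armed here. The edit form's token only
// proves the author submitted the form; the stored script would still run
// for every other user who views the profile (stored XSS, not CSRF).
function renderBioDecoded(string $storedBio): string
{
    return html_entity_decode($storedBio);
}

// Alternative: keep the stored text untouched (formatting and punctuation
// survive in the database) and escape at output time so the browser
// receives text, not markup.
function renderBioEscaped(string $storedBio): string
{
    return htmlspecialchars($storedBio, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Defender's check: does any HTML tag survive rendering?
function containsLiveTag(string $html): bool
{
    return (bool) preg_match('/<\s*\/?\s*[a-z][^>]*>/i', $html);
}

$stored = storeBioAsPosted(['bio' => $sampleBio]);

echo "decoded output contains live tag: ",
     containsLiveTag(renderBioDecoded($stored)) ? "yes" : "no", PHP_EOL;
echo "escaped output contains live tag: ",
     containsLiveTag(renderBioEscaped($stored)) ? "yes" : "no", PHP_EOL;

// Decoding also undoes any earlier encoding of the same field.
echo "html_entity_decode('&lt;script&gt;') => ", renderBioDecoded('&lt;script&gt;'), PHP_EOL;
```

If bios are meant to carry a limited set of formatting tags, the escape-on-output step would need to be replaced by an allowlist-based HTML sanitizer rather than by decoding; plain htmlspecialchars is the right choice only when the bio is treated as text.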