oss-sec mailing list archives
XSS in roundup bug tracker 404 page
From: Hanno Böck <hanno () hboeck de>
Date: Fri, 5 Apr 2019 11:45:01 +0200
Hi,

I recently discovered that the python bug tracker had a trivial reflected Cross Site Scripting vulnerability on the 404 error page. It essentially just reflected the URL path, so anything like

  http://hostname/<img src=x onerror=alert(1)>

(properly URL-encoded, but browsers do this automatically) would result in XSS.

The software python is using here is the Roundup issue tracker, it's been reported there as well [2] and fixed in their repo (but no release yet).

[1] https://github.com/python/bugs.python.org/issues/34
[2] https://issues.roundup-tracker.org/issue2551035

--
Hanno Böck
https://hboeck.de/

mail/jabber: hanno () hboeck de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
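The bug class described in the post, as an added illustration that is not Roundup's code nor anything from the report: a minimal WSGI 404 handler that reflects the decoded request path into the page. The vulnerable form interpolates it verbatim, the hardened form HTML-escapes it first; `reflects_unescaped` drives the app with a constructed environ (no network) using the probe from the post and reports whether the markup comes back live. The handler, app factory and environ layout are hypothetical and only stand in for whatever the real tracker did.

```python
# Added illustration, not Roundup's code: a minimal WSGI 404 handler that
# reflects the request path, once in the vulnerable form the post describes
# and once HTML-escaped, plus a check that tells the two apart.
import html
from urllib.parse import quote, unquote

PAYLOAD = '<img src=x onerror=alert(1)>'  # the probe quoted in the post


def not_found_body(path: str, escape: bool) -> str:
    """Render a 404 page that mentions the requested (already decoded) path.

    escape=False reflects the path verbatim, which is the reflected-XSS
    pattern from the post; escape=True passes it through html.escape so
    any markup in the path is shown as text rather than parsed.
    """
    shown = html.escape(path, quote=True) if escape else path
    return ("<html><body><h1>Not Found</h1>"
            f"<p>The requested URL {shown} was not found.</p>"
            "</body></html>")


def app_factory(escape: bool):
    """Build a hypothetical WSGI app whose only route is the 404 handler."""
    def app(environ, start_response):
        # PATH_INFO is handed to the app already percent-decoded, which is
        # why the browser's automatic URL-encoding does not save the page.
        body = not_found_body(environ.get("PATH_INFO", "/"), escape).encode()
        start_response("404 Not Found",
                       [("Content-Type", "text/html; charset=utf-8")])
        return [body]
    return app


def fetch(app, path: str) -> str:
    """Call the WSGI app directly with a constructed environ and return the body."""
    # Model the round trip from the post: the browser percent-encodes the
    # path, the server decodes it into PATH_INFO before the handler sees it.
    encoded = quote(path, safe="/")
    environ = {
        "REQUEST_METHOD": "GET",
        "PATH_INFO": unquote(encoded),
        "SERVER_NAME": "hostname",
        "SERVER_PORT": "80",
        "wsgi.url_scheme": "http",
    }
    status = {}

    def start_response(line, headers):
        status["line"] = line

    chunks = app(environ, start_response)
    assert status["line"].startswith("404")
    return b"".join(chunks).decode()


def reflects_unescaped(app, probe: str = PAYLOAD) -> bool:
    """Reflected-XSS check: True if the 404 page echoes the probe as live markup."""
    body = fetch(app, "/" + probe)
    return probe in body


if __name__ == "__main__":
    print("vulnerable handler reflects markup:",
          reflects_unescaped(app_factory(escape=False)))
    print("hardened handler reflects markup:",
          reflects_unescaped(app_factory(escape=True)))
```

The check is deliberately crude (substring match on the unescaped probe); it is enough to tell the two handlers apart and is the same test one would run against a live 404 page with any HTTP client.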
Current thread:
- XSS in roundup bug tracker 404 page Hanno Böck (Apr 05)
- Re: XSS in roundup bug tracker 404 page Henri Salo (Apr 07)