Bug 354746

Summary: Website contains potential XSS vulnerabilities, possible third party code
Product: [Modeling] Epsilon
Component: Core
Status: CLOSED FIXED
Severity: normal
Priority: P3
Version: unspecified
Target Milestone: ---
Hardware: PC
OS: Linux
Whiteboard:
Reporter: Denis Roy <denis.roy>
Assignee: Dimitris Kolovos <dkolovos>
QA Contact:
CC: sinadoom, wayne.beaton

Description Denis Roy CLA 2011-08-15 13:33:35 EDT
I was looking at your feed parser code today, and discovered at least one page that may have an XSS vulnerability:

http://dev.eclipse.org/viewcvs/viewvc.cgi/www/gmt/epsilon/doc/articles/article.php?view=markup&root=Eclipse_Website

$articleId = $_GET['articleId'];
$articleId seems to be used throughout the code without any untainting.

Also -- and I may be wrong about this -- but this looks like third party code for which I could not find a CQ:

http://dev.eclipse.org/viewcvs/viewvc.cgi/www/gmt/epsilon/doc/articles/wikitexttohtml.php?view=markup&root=Eclipse_Website

http://dev.eclipse.org/viewcvs/viewvc.cgi/www/gmt/epsilon/doc/articles/feed/FeedItem.php?view=markup&root=Eclipse_Website

http://dev.eclipse.org/viewcvs/viewvc.cgi/www/gmt/epsilon/doc/articles/feed/FeedWriter.php?view=markup&root=Eclipse_Website
Comment 1 Dimitris Kolovos CLA 2011-09-20 06:33:19 EDT
Thanks for spotting this. I've fixed the XSS vulnerability. I wasn't actually aware that we needed to file CQs for 3rd party code for the website but I'll locate all such code and file CQs for it shortly.
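
The untainting the description asks for, shown as an added example that is not part of this bug report and is not the fix actually committed to article.php: the `articleId` parameter is validated against an allowlist and escaped where it is written into HTML. The id pattern, the function names and the sample values are assumptions made for illustration.

```php
<?php
// Added example: function names, the id pattern and the samples are assumptions.
declare(strict_types=1);

/**
 * Return the article id if it matches a strict allowlist pattern, else null.
 * Assumption: ids are short names made of letters, digits, '-' and '_'.
 */
function clean_article_id($raw): ?string
{
    // $_GET values can be arrays (?articleId[]=x); accept strings only.
    if (!is_string($raw)) {
        return null;
    }
    return preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $raw) === 1 ? $raw : null;
}

/** Escape a value for an HTML text node or a quoted attribute. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Build a page fragment; a rejected id yields a fixed message that echoes no input. */
function render_article_link($raw): string
{
    $id = clean_article_id($raw);
    if ($id === null) {
        return '<p>Unknown article.</p>';
    }
    // Escape at the point of output even though the id was validated,
    // and URL-encode it where it is placed in a query string.
    return '<h1>' . h($id) . '</h1>'
         . '<a href="article.php?articleId=' . h(rawurlencode($id)) . '">permalink</a>';
}

// Constructed sample inputs: a valid id, a markup payload, an array value.
// In the page itself the argument would be $_GET['articleId'] ?? null.
$samples = ['EpsilonIntro', '"><script>alert(1)</script>', ['x']];
foreach ($samples as $sample) {
    echo render_article_link($sample), PHP_EOL;
}
```

Only the first sample is rendered with its id; the other two produce the fixed "Unknown article." message.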