Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.
Bug 354746 - Website contains potential XSS vulnerabilities, possible third party code
Summary: Website contains potential XSS vulnerabilities, possible third party code
Status: CLOSED FIXED
Alias: None
Product: Epsilon
Classification: Modeling
Component: Core (show other bugs)
Version: unspecified   Edit
Hardware: PC Linux
: P3 normal (vote)
Target Milestone: ---   Edit
Assignee: Dimitris Kolovos CLA
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-08-15 13:33 EDT by Denis Roy CLA
Modified: 2020-04-13 12:21 EDT (History)
2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Denis Roy CLA 2011-08-15 13:33:35 EDT 
I was looking at your feed parser code today, and discovered at least one page that may have a XSS vulnerability:

http://dev.eclipse.org/viewcvs/viewvc.cgi/www/gmt/epsilon/doc/articles/article.php?view=markup&root=Eclipse_Website

$articleId = $_GET['articleId'];
$articleId seems to be used throughout the code without any untainting.

Also -- and I may be wrong about this -- but this looks like third party code for which I could not find a CQ:

http://dev.eclipse.org/viewcvs/viewvc.cgi/www/gmt/epsilon/doc/articles/wikitexttohtml.php?view=markup&root=Eclipse_Website

http://dev.eclipse.org/viewcvs/viewvc.cgi/www/gmt/epsilon/doc/articles/feed/FeedItem.php?view=markup&root=Eclipse_Website

http://dev.eclipse.org/viewcvs/viewvc.cgi/www/gmt/epsilon/doc/articles/feed/FeedWriter.php?view=markup&root=Eclipse_Website
Comment 1 Dimitris Kolovos CLA 2011-09-20 06:33:19 EDT 
Thanks for spotting this. I've fixed the XSS vulnerability. I wasn't actually aware that we needed to file CQs for 3rd party code for the website but I'll locate all such code and file CQs for it shortly.