[Bb-trac] [bbPress] #592: http://bbpress.org/forums/bb-edit.php improperly filtered input

bbPress bb-trac at lists.bbpress.org
Sun Feb 18 14:45:42 GMT 2007


#592: http://bbpress.org/forums/bb-edit.php improperly filtered input
------------------------+---------------------------------------------------
 Reporter:  chrishajer  |       Owner:      
     Type:  defect      |      Status:  new 
 Priority:  high        |   Milestone:      
Component:  Front-end   |     Version:  0.80
 Severity:  major       |    Keywords:      
------------------------+---------------------------------------------------
 I was adding a new topic at bbpress.org/forums and used the <pre> tag in
 my post (which is not allowed, but blockquote does not set the text apart
 at all.)  It resulted in a MySQL error that appears to be unfiltered input
 or a possible SQL injection.

 Here are the steps.

 1.  I started a new topic.

 2.  Went to edit the post because I did not like the way the <blockquote>
 was styled (i.e. not indented) so I tried the <pre> tag.  Not sure if I
 can add attachments here, but if I can, it is called
 post-submission-bbpress.txt.  That is the text that was submitted after
 editing.

 3.  I got the attached error after editing that post:
 a.  error-text-bbpress.txt is a copy of the text displayed in the browser
 b.  error-source-bbpress.txt is the source of the above page
 c.  sql-error-bbpress.png is a screenshot of the browser window without
 the chrome

 I did not try to exploit it further.  I know just enough about SQL
 injection to know that this shouldn't happen :)

-- 
Ticket URL: <http://trac.bbpress.org/ticket/592>
bbPress <http://bbpress.org/>
Innovative forum development

